For .cz TLD, there is missing valid typosquat attack using .cy TLD
Closed this issue · 2 comments
For .cz TLDs there are widely used .cy TLDs as another type of typosquat attack.
Because people here in CZ very often make a mistake to type "y" instead of "z" (Czech keyboard has switched position of these two letters in comparison to ENG keyboard.)
For example: seznam.cz (legit) vs seznam.cy (fake)
Thanks for this! More than happy to review a PR if you'd like, otherwise I'll take a look at this later this week to include it as part of the permutation methods.
Took a closer look at ran some tests on haveibeensquatted both locally and deployed. Locally this works as we include cy
tld and can see the TLD. For example:
{"permutation":{"domain":{"fqdn":"seznam.cy","tld":"cy","domain":"seznam"},"kind":"Tld"},"op":"IpEnumeration","data":["46.8.8.100"]}
However in the currently deployed infrastructure this does not seem to get the same result, likely due to resolver issues. I'll be taking a closer look but closing the issue here as it's not related to the twistrs
library.