[IDN Homograph Attack] – This Is How They Generate Unicode Evil Domains

[IDN Homograph Attack] - This Is How They Generate Unicode Evil Domains
What Is IDN Homograph Attack?
The internationalized domain name (IDN) homograph attack is a way a malicious party may deceive computer users about what remote system they are communicating with, by exploiting the fact that many different characters look alike (i.e., they are homographs, hence the term for the attack, although technically homoglyph is the more accurate term for different characters that look alike). For example, a regular user of example.com may be lured to click a link where the Latin character “a” is replaced with the Cyrillic character “а”.

This kind of spoofing attack is also known as script spoofing. Unicode incorporates numerous writing systems, and, for a number of reasons, similar-looking characters such as Greek Ο, Latin O, and Cyrillic О were not assigned the same code. Their incorrect or malicious usage is a possibility for security attacks.

The registration of homographic domain names is akin to typosquatting, in that both forms of attacks use a similar-looking name to a more established domain to fool a user. The major difference is that in typosquatting the perpetrator attracts victims by relying on natural human typographical errors of those manually entering a URL, while in homograph spoofing the perpetrator deceives the victims by presenting visually indistinguishable Hyperlinks. Indeed, it would be a rare accident for a web user to type, e.g., a Cyrillic letter within an otherwise English word such as “citibank”. There are cases in which a registration can be both typosquatting and homograph spoofing; the pairs of l/I, i/j, and 0/O are all both close together on keyboards and, depending on the typeface, may be difficult or impossible to distinguish.

What Is EvilURL?
EvilUrl is a tool to generate unicode evil domains for IDN Homograph Attack and it also can detect them.


Link: https://github.com/UndeadSec/EvilURL
Tools by: https://t.me/UndeadSec

✪ Credit to: Th1k404
✪ Greetz to: Baykdang, Null502, JekJean

Please subscribe my official youtube channel to get more tutorials
➥ Subscribe Here: https://goo.gl/sv3gsA

======== Contact me via ================================
➥ Visit my KH Blogger: https://stev-it.blogspot.com/
➥ Follow my Facebook Page: https://facebook.com/th1k404/
➥ Follow my Google-plus: https://goo.gl/r3EiXZ

[IDN Homograph Attack] – This Is How They Generate Unicode Evil Domains