By: Adhirath Kapoor
August 24, 2020
DNSTwist Fundamentals Course Review
By: Adhirath Kapoor
August 24, 2020
Protecting one’s assets is not easy in today’s world, especially when it is in cyberspace. The asset in focus here is a domain name. Website Owners and IT Managers are continuously monitoring and looking for phishing websites with names eerily close to their domains. Why are they doing so? To protect the brand associated with their domain.
Recent reports from Various Security Provider Companies have indicated that most of the latest Data Breaches involved phishing attempts.
What if there was a tool that automated all the monitoring and kept a domain safe from being impersonated? Well, there is, and it is called DNSTwist. DNSTwist is written in Python and works as a permutation engine. It detects typo-squatting, corporate espionage, and phishing activities for a particular domain. The tool takes a domain name as input and then lists suspected phishing domains to determine if they are registered. Although used by the good guys to defend the safety of domains, DNSTwist is also used by the bad guys trying to stay anonymous while performing phishing attacks.
DNSTwist Fundamentals is a course on Cybrary by Tino Sonic and serves as a great primer for those looking to safeguard their domains from potential phishing attacks.
What are the prerequisites required for this course?
Who is this course for?
This course is designed for:
- IT Technicians
- Penetration Testers
- Security Awareness Professionals
- System Administrators
- Network Engineers
Why should you take this course?
This course is a part of the career path “Become A Penetration Tester” and qualifies as one CEU/CPE upon completion. DNSTwist Fundamentals imparts technical know-how of DNSTwist. It is a guide on the installation and usage of the tool within two different Linux environments. Each sub-module consists of a short quiz at the end to evaluate the learner’s understanding of that sub-module.
How many learning modules are in this Course?
DNSTwist Fundamentals has four learning modules. The second and third modules of the course have lab sessions illustrating the practical usage of DNSTwist, which provides all the necessary knowledge required to operate the tool for defensive purposes.
Syllabus and Outline
Module 1 - Introduction
In this module, the instructor introduces himself and talks about his background. He then provides a brief overview of the upcoming modules in the course.
Module 2 - DNSTwist Installation
This module instructs on how to successfully install and configure DNSTwist on Kali Linux and Ubuntu with the help of labs provided. Before the lab walkthroughs, different types of Domain Name Attacks are delineated to provide an understanding of the types of attacks that domains may suffer. Throughout the module, Tino presents some interesting facts about data breaches, the usage of DNSTwist in both offensive and defensive environments, and some different features of DNSTwist.
Module 3 - How to use DNSTwist
This module is interesting as it converts theory into practice regarding how DNSTwist works. The labs in this module will guide through the usage of DNSTwist on the Linux Terminal. In addition to this, Tino also illustrates two web GUI versions of DNSTwist, which are used to analyze and export the results through just a click.
Module 4 - Conclusion
As the name indicates, this module summarizes everything taught in the previous modules and concludes the course.
The Outcome of this Course
After taking this course, a learner should be able to:
- Explain what is DNSTwist and how it works.
- Explain different types of Domain Name Attacks.
- Install and configure DNSTwist on a Linux Machine.
- Use DNSTwist to find out potential phishing domains based on user input.
- Protect the brand associated with a domain against malicious parties.
https://github.com/elceef/dnstwist https://pypi.org/project/dnstwist/ https://www.admin-magazine.com/Archive/2018/47/Detecting-phishing-domains-with-dnstwist https://www.blackhatethicalhacking.com/tools/dnstwist/