DNSTwist Introduction

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
33 minutes
Difficulty
Beginner
CEU/CPE
1
Video Transcription
00:00
Hi, everyone. And welcome back
00:02
in the previous video, we did an introduction of this course, and in this one we will dive into the tool
00:08
we will cower. What Dennis Twist is, who uses it. Why is it used? And we will talk about some of the key technical features of the tool. But just before we begin our lesson, I would like to share a cool statistic with you because I think it is relevant to the topic we're going to discuss. In this course,
00:25
more than 30% of full confirmed data bridges have involved some type of fishing. This is based on a recent report from Verizon on data breach investigations. I encourage you to check it out because it isn't in the interesting read. This is just one of the reasons why you should think about using Dennis Twist for your defense.
00:45
Let's first demystify and say what Venus Twists actually is.
00:49
Dennis Twist is a script written in python programming language by Mr Marching Pulikovsky, which allows you to generate domain name variations using divide rage of techniques. The assumption behind Dennis Twist is really not complicated. He takes the main aim off. You're choosing as an import with usage off its various algorithms,
01:08
it generates the derivative
01:11
remains that could potentially be used for fishing. Various frauds, cooperate, impersonation and so on. Also, the usage of the two. It's pretty easy, but good preparation is paramount for basic uses. You can simply input a domain to get a list of potential attack, Tomei's. While somewhat useful
01:29
by using various command line arguments, you can further refine the search to have better results.
01:36
Let's see who uses a tool like Dennis Twist. I would general say that there are two kinds off users, the good guys and the bad guys. The good guys use a tool like Dennis Twist with a purpose of defending their I t. And the bad guys to conduct various attacks like the before mentioned fishing
01:52
off course there. Situations where intentional or collateral damage can be in an issue.
01:57
But those situations are unlikely to happen. We will stick to the good guys and learn how to protect ourselves and our organization better, Old told Dennis Twist is a very useful tool that any I t person responsible for a Web domain or who wants to protect their company's name or a brand against cyber attacks should have in their virtual
02:17
toolbox
02:19
again, I would like to share an interesting fact that derives from the Vandellas 2020 Mobile Threat Landscape Report.
02:27
It says that a new phishing site launches every 20 seconds. When I read this statistics, I thought of myself. Yeah, right like that who happened three times each minute. I really hope these numbers air wrong because the good guys have a lot of work ahead of them.
02:42
Now let's check. Why is Dennis Twist used here? A couple of specific domain AM attacks that I would like to mention.
02:50
The first woman is called type of squatting, and as its name suggests, the attack relies on a simple typo, a misspelling off some domain you wish to visit or send an email to. A typical example will be to type sign honorary that I t. A standoff cyber ery that I t. B
03:07
and our close on the keyboard
03:10
Next is bit squatting. This is a more machine like error that involves a bit flip ever that can a cure during the process of making a DNS request. This is a mutation of the domain name by one bit. For example,
03:24
Sai Buri with an s the next to me name attack called on Mission is very interesting. It simply removes one of the letters from the domain name to fool you when clicking on a potentially malicious link like sai buri dot i t
03:42
We simply remove the letter r in the middle And if not careful the bad guys went next The insertion attack Simply insert the letter into the domain. A typical example would be toe right side bravery that I t with added letter I I hope I pronounce That's right.
04:01
And the less domain name attack we're going to mention is called home a cliff. This attack replaces a letter in the domain name with other letters or characters that look the same. You could write cyberia that I t with number one Just replace the first leather. Why with the number one instead.
04:20
Now let us move on to some of the technical features of the tool. I won't bother you much just to point out a couple of things.
04:27
The main one is that the industry issues is domain fuzzing algorithms. I want to demystify the word fuzzing in the domain context. Fuzzing, or first testing, is a software technique that involves providing invalid, unexpected or random data as inputs to a computer program.
04:44
The problem then crashes or does something that it wasn't meant to do in the first place.
04:48
The same is with the domain name on Lee that the end result is to trick someone into using that generated domain name. Also, it can use Unicode domain names export to see a spey or J son for further use. Query Different Deanna Centuries like
05:04
a N s MX records
05:09
detect Rogue MX hosts
05:12
give you the G. I p. Information than grab Http and SMTP banners and do who is lookups from the list of features you can see. The Deena's twist is a really powerful tool.
05:27
Never got a short quiz question for you. What kind of put the main aim attack Are you performing? If you only misspelled the name off the domain. One replacement
05:36
to beat squatting, three type of squatting.
05:43
And
05:45
if your answer was type of squatting Number three, then you were and are correct. Congratulations.
05:54
Now let's do a quick summary of what we discussed in this video. We explain what Deanna's twist is, who uses it, why it is used where we touched on the domain name attacks, and in the end we went through some technical features off the tool itself. In the next video, we will start our second module called Vienna's Twist Installation,
06:12
where we will start our hands on part of the course. So see you in the next video.
Up Next