Project page


Typosquatting is a commonly used method by attackers to have domain names (and urls) which sounds or looks like an original domain. This kind of attacks can be used to trick users to access incorrect websites by mistake or providing looks alike domain names.
CIRCL provides a free and public service to find typosquatted domains in order to quickly assess if there are any existing fake domains used by an adversary. The results might include false-positive which are legitimate domain names with similar names. Software


The back-end software is available as an open source project. The typosquatting library is also developed for this project but it can also be used independently of the web interface.


This project is co-funded by Joint Threat Analysis Network - JTAN and CIRCL.
The Action will establish a Joint Threat Analysis Network, an open collaboration group of European computer security incident response teams (CSIRTs) with the focus on collecting, sharing and analysis of technical, operational and strategic threat intelligence. The purpose of this collaboration is to combine unique advantages of different teams to obtain comprehensive situational awareness and actionable information to effectively defend constituencies in each Member State, from critical infrastructure operators targeted by state-sponsored actors to individual citizens affected by cybercrime. The main part of the Action addresses gaps in the Cyber Threat Intelligence (CTI) tooling that is currently used by the national level CSIRTs in Europe. By strengthening individual tools and interconnecting them, the beneficiaries will achieve a new level of common situational awareness and they will benefit from shared knowledge and tooling.

[Go Back Top]