pezkuwichain/phishing
1
0
Fork 0
mirror of https://github.com/pezkuwichain/phishing.git synced 2026-04-21 23:48:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
a4bb93cb33f68de43de0a392566f4a7fdf3b9eb0
phishing/scripts/findSubs.mjs
T
pezkuwichain a4bb93cb33 feat: complete Pezkuwi rebrand 
- Update phishing URL to phishing.pezkuwichain.io
- Update author to Dijital Kurdistan Tech Inst
- Update README with Pezkuwi project references
- Update IPFS reference to pezkuwichain.io
- Rebrand all package references from @polkadot to @pezkuwi
2026-01-09 04:11:37 +03:00

71 lines
2.5 KiB
JavaScript
Raw Blame History

// Copyright 2020-2026 @pezkuwi/phishing authors & contributors
// SPDX-License-Identifier: Apache-2.0
import fs from 'node:fs';
/** @typedef {{ allow: string[]; deny: string[]; }} AllList */
// muli-part domain codes and (hopefully) valid top-levels (all manual from list)
const DOMS = [
// county stuff
'co.uk', 'com.ru', 'com.se', 'com.co', 'com.cn', 'com.es', 'com.ph', 'com.ua', 'com.ar', 'com.br', 'net.ph', 'org.ua', 'co.in', 'co.za', 'cn.com', 'com.pl', 'de.com', 'eu.com', 'gr.com', 'sa.com', 'us.com', 'uk.com', 'za.com', 'org.in', 'org.ph', 'com.au', 'com.my', 'com.in', 'com.mx', 'co.zw', 'com.vn', 'net.cn', 'org.cn', 'co.ke', 'co.id', 'com.ng', 'in.net', 'co.com', 'co.vu', 'us.org', 'org.ng',
// other hosting stuff
'ns01.us', 'ns02.us', 'kiev.ua', 'dns2.us', '000webhostapp.com', 'my.id', 'ipq.co', 'ngrok.io', 'tmweb.ru', 'firebaseapp.com', 'repl.co', 'blogspot.com', 'rf.gd', 'myftp.biz', '4nmn.com', 'azurewebsites.net', 'pythonanywhere.com', 'redirectme.net', 'yolasite.com', 'diskstation.org', 'servequake.com', 'serveirc.com', 'serveftp.com', 'cloudns.ph', 'epizy.com', 'dd-dns.de', 'dray-dns.de', 'pantheonsite.io', 'bitbucket.io'
];
// medium-like items
const MEDS = DOMS.map((d) => `medium.${d}`);
// get allow/deny lists
/** @type {AllList} */
const all = JSON.parse(fs.readFileSync('all.json', 'utf-8'));
// break the allow list into usable parts
const allow = all
.allow
.concat(...DOMS, ...MEDS)
.map((a) => [a, a.split('.')]);
// filter deny to find items that could possibly be shortened
const filtered = all
.deny
.map((d) =>
// first convert the domain to parts
d.split('.')
)
.filter((d) =>
// anything where we have more than 3 parts to the domain
(d.length > 2) &&
// no ip addresses
(
d.length !== 4 ||
d.some((v) =>
parseInt(v, 10).toString() !== v
)
) &&
// anything where there is more than a sub-domain from a top-level (or no top-level)
!allow.some(([a, p]) =>
(d.length > p.length) &&
(d.slice(-p.length).join('.') === a)
) &&
// no xn--
!d.some((p) =>
p.startsWith('xn--')
)
)
.map((d) =>
// reverse before sort (we re-reverse before we join)
d.reverse()
)
.sort((a, b) =>
// sort from the back (related sub-domains close together in the list)
a.join('.').localeCompare(b.join('.'))
)
.map((d) =>
// convert back to a domain (aka re-reverse before printing)
d.reverse().join('.')
);
console.log(JSON.stringify(filtered, null, 2));
console.log(filtered.length);
Reference in New Issue View Git Blame Copy Permalink