A Logo

Feel free to include my content in your page via my
RSS feed Follow @irongeek_adc Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


(追記) (追記ここまで)

Homoglyph Attack Generator and Punycode Converter

Homoglyph Attack Generator

This app is meant to make it easier to generate homographs based on Homoglyphs than having to search for look-a-like character in Unicode, then coping and pasting. Please use only for legitimate pen-test purposes and user awareness training. I also recommend webapp developers use it to test out possible user impersonation attacks in their code. This is still a work in progress, so please send me suggestions (especially for new Homoglyphs to add). While this tool was designed with making IDNA/Punycode names for putting into DNS to display foreign characters in a browsers URL bar, it can be used for other things. Try ignoring the IDNA/Punycode stuff and just making look alike user names for systems that accept Unicode. I made this tool to easily generate homographs based on homoglyphs in Unicode and to test out how different apps display them. It seems like a lot of modern browsers have gotten better at warning the users of attack, but I'd love to hear experiences about other apps that accept Unicode/Punycode/Internationalized Domain Names, especially webapps.

For more information see my Paper Proposal for "Out of Character: Use of Punycode and Homoglyph Attacks to Obfuscate URLs for Phishing".

1st, type in a name to look like:
2nd, choose homoglyphs to use:
3rd, Output will be something like this:

Output appears here.

4th submit so PHP can generate the IDNA/Punycode:

Unicode URL to give out:
Encoded label to set up in DNS:

Below is phlyLabs original converter if you want to try taking the Homograph back and forth:

Original (Unicode) Punycode (ACE)



PHP code based on examples and libraries from phlyLabs Berlin; part of phlyMail
Also thanks to http://homoglyphs.net for helping me find more glyphs.

Char Homoglyphs
ᅟ ᅠ ᅠ
! ! ǃ !
" " ״ ′′ "
$ $ $
% % %
& & &
' ' '
( ( 〔 (
) ) 〕 )
* * ⁎ *
+ + +
, , ‚ ,
- - ‐ 𐀠񴐠-
. . ٠ ۔ ܁ ܂ . ‧ 。 . 。
/ / ̸ ⁄ ∕ ╱ ⫻ ⫽ / ノ
0 0 O o Ο ο О о Օ 𐐠𱠠O o
1 1 I ا 1
2 2 2
3 3 3
4 4 4
5 5 5
6 6 6
7 7 𐐠𱰠7
8 8 Ց 8
9 9 9
Char Homoglyphs
: : ։ ܃ ܄ ∶ ꞉ :
; ; ; ;
< < ‹ <
= = 𐀠񴀠=
> > › >
? ? ?
@ @ @
[ [ [
\ \ \
] ] ]
^ ^ ^
_ _ _
` ` `
a A a À Á Â Ã Ä Å à á â ã ä å ɑ Α α а Ꭺ A a
b B b ß ʙ Β β В Ь Ᏼ ᛒ B b
c C c ς Σ С с Ꮯ C c 𐐠𺀠C c
d D d Ď ď Đ đ ԁ ժ Ꭰ ḍ D d D d
e E e È É Ê Ë é ê ë Ē ē Ĕ ĕ Ė ė Ę Ě ě Ε Е е Ꭼ E e
f F f Ϝ F f
g G g ɡ ɢ Ԍ ն Ꮐ G g
h H h ʜ Η Н һ Ꮋ H h
i I i l ɩ Ι І і ا Ꭵ ᛁ I i 𐐠𰰠I i
j J j ϳ Ј ј յ Ꭻ J j
k K k Κ κ К Ꮶ ᛕ K K k
Char Homoglyphs
l L l ʟ ι ا Ꮮ L l L l
m M m Μ Ϻ М Ꮇ ᛖ M m M m
n N n ɴ Ν N n
0 0 O o Ο ο О о Օ 𐐠𱠠O o
p P p Ρ ρ Р р Ꮲ P p
q Q q Ⴍ Ⴓ Q q
r R r ʀ Ի Ꮢ ᚱ R r
s S s Ѕ ѕ Տ Ⴝ Ꮪ 𐐠𵠠S s
t T t Τ τ Т Ꭲ T t
u U u μ υ Ա Ս ⋃ U u
v V v ν Ѵ ѵ Ꮩ V v V v
w W w ѡ Ꮃ W w
x X x Χ χ Х х X x X x
y Y y ʏ Υ γ у Ү Y y
z Z z Ζ Ꮓ Z z
{ { {
| | ǀ ا |
} } }
~ ~ ⁓ 〜
ß ß ӧ
ä Ä Ӓ
ö Ö Ӧ
Changes:
11/28/2017: Added ḍ as sugested by rockethamster. 3/11/2012: Added option to use 'Right-To-Left Override' (U+202E) so you can do some stupied EXE tricks, and added a linkless output so you can copy & paste your homography without formatting. 3/11/2012: Added ノ for /. 4/3/2012: I found a list of IDN blacklisted characters on Mozilla's site and added them. I also added a table of the homoglyphs I'm using.
3/6/2012: ٠ was also suggested by @Voulnet.
3/5/2012: @Voulnet suggested I add Arabic letter ا. I put it in for l, i, | and 1.

15 most recent posts on Irongeek.com:

AltStyle によって変換されたページ (->オリジナル) /