Skip to content

Latest commit

 

History

History
71 lines (44 loc) · 3.55 KB

README.md

File metadata and controls

71 lines (44 loc) · 3.55 KB

websitewatcher

Here you can trace changes for domains. websitewatcher will also send you automatically reports via E-Mail if any change on a domain was detected.

Background

Due to the amount of registered domains on a daily base, many domain results can be produced on a weekly / monthly base. It is not uncommon for the majority of domains at the registration date to have no website or no server connect. It is also not uncommon for domains at the registration date to have no (receiving) mail server functionality. As a result, the analyst must keep track of all the results and the results may grow quite fast over the time. Its a waste of time to do it manually.

With help of this project you can track these domains for changes.

Example Screenshot of a Mail Report that notified about changes of observed domains for illustration purposes:

image

Features

  • Multithreading (50 workers by default)
  • MX-Record, HTML-Title and HTML-Description Tag lookups to detect (fraudulent) webpage changes (A-Record lookups are included but not activated by default)
  • Send automatically E-Mails about changed websites

Principles

  • "Webpage Content has been changed or added. New Website Title: " in E-Mail means that the content of a webpage has been changed. The Title of a Webpage is in the browser tab image

  • "Webpage Content has been changed or added. New Website Description: " in E-Mail means that content of a webpage has been changed. This Information is typically used by search engines and other web services

  • "MX-Record has been changed or added. New Record: " in E-Mail means that the mail server configuration has been changed. This information is helpful to track changes on phishing domains which arent active but have a high possibility for being used in bad faith in the future (e.g. a third party registered look-a-like domain: tuiqroup.com instead of tuigroup.com (g=q))

Instructions

How to install:

How to run

  • python3 websitewatcher.py

How to update

  • cd websitewatcher
  • git pull
  • In case of a Merge Error: Try "git reset --hard" before "git pull"

Before the first run - How it Works:

  1. Put your domains into this TXT file "User Input/tracked_websites.txt" line per line for monitoring operations. Some domains are listed per default.

  2. Create a new mail account and put your E-Mail address for sending reports, password and recipient address into this TXT file "User Input/mail_account.txt"

Changelog

Notes

Authors

Written in Python 3.7

TO DO

  • Add Possibility to send screenshots of changed websites via mail as attachement
  • Add Possibility to parse arguments (e.g. workers for multithreading)
  • Add other paramaters as MX-Record, HTML-Title, HTML-Description if that makes sense.
  • Add better Deeplink / Webpath compability (e. g. observe fakedomain.com/Business)