AI-Powered AntiSquat: Detecting Typosquatting and Phishing Domains

AntiSquat leverages AI techniques such as natural language processing (NLP), large language models (ChatGPT) and more to empower detection of typosquatting and phishing domains.

How to use

  • Clone the project via git clone
  • Install all dependencies by typing pip install -r requirements.txt.
  • Get a ChatGPT API key at
  • Create a file named .openai-key and paste your chatgpt api key in there.
  • (Optional) Visit and grab a GoDaddy API key. Create a file named .godaddy-key and paste your godaddy api key in there.
  • Create a file named ‘domains.txt’. Type in a line-separated list of domains you’d like to scan.
  • (Optional) Create a file named blacklist.txt. Type in a line-separated list of domains you’d like to ignore. Regular expressions are supported.
  • Run antisquat using python3.8 domains.txt


Let’s say you’d like to run antisquat on "".

Create a file named "domains.txt", then type in Then run python3.8 domains.txt.

AntiSquat generates several permutations of the domain, iterates through them one-by-one and tries extracting all contact information from the page.

Test case:

A test case for is attached. To run it without any api keys, simply run python3.8

AntiSquat running on

Here, the tool appears to have captured a test phishing site for Similar domains that may be available for sale can be captured in this way and any contact information from the site may be extracted.

If you'd like to know more about the tool, make sure to check out our blog.


To know more about our Attack Surface Management platform, check out NVADR.

Download AntiSquat

Next Post Previous Post
No Comment
Add Comment
comment url