| 23 Dec 2019 | ( words)

Merry DNS and a Happy New Homoglyph

Slack-for-iOS-Upload

It has been a long but exciting year.

We have enjoyed having you all in our community and learning about all the different uses that our different customers are giving the BinaryEdge platform.

To close the year we've added two new endpoints to our SaaS (business accounts only for now, don't forget to use the v2 api endpoints instead of v1) and Enterprise APIs.

The first one is Domain Enumeration. We have added a new domain endpoint for getting subdomains for a particular domain, in addition, we have added a "validate" flag which when set, will live resolve all subdomains and only return subdomains with valid DNS entries. Record types and IP addresses are also returned.
curl https://api.binaryedge.io/v1/query/domains/enumeration/binaryedge.io?validate=1 -H 'X-Token:API_TOKEN'

{
  "query": "binaryedge.io",
  "total": 54,
  "events": [
    {
      "fqdn": "torrents.services.core.binaryedge.io",
      "records": [
        {
          "type": "A",
          "answers": [
            "167.114.242.196"
          ]
        }
      ]
    },
    {
      "fqdn": "cve.services.dev.binaryedge.io",
      "records": [
        {
          "type": "A",
          "answers": [
            "167.114.228.35"
          ]
        }
      ]
    },
    {
      "fqdn": "beira.services.dev.binaryedge.io",
      "records": [
        {
          "type": "A",
          "answers": [
            "167.114.228.35"
          ]
        }
      ]
    }
  ]
}

The second endpoint we are making available is called homoglyphs. With this one you can create a list of all "look alike" domains for a particular domain. Super useful for finding phishing and typo squatting against your domain(s). When the optional "validate" flag is set, all homoglyphs are resolved and only "live" domains are returned with DNS information as well.

curl 'https://api.binaryedge.io/v1/query/domains/homoglyphs/binaryedge.io?validate=1' -H 'X-Token:API_TOKEN'

{
  "query": "binaryedge.io",
  "total": 3,
  "events": [
    {
      "homoglyph": "binaryedge.io",
      "records": [
        {
          "type": "A",
          "answers": [
            "104.28.7.147",
            "104.28.6.147"
          ]
        },
        {
          "type": "AAAA",
          "answers": [
            "2606:4700:30::681c:793",
            "2606:4700:30::681c:693"
          ]
        },
        {
          "type": "MX",
          "answers": [
            "aspmx3.googlemail.com",
            "aspmx2.googlemail.com",
            "alt2.aspmx.l.google.com",
            "aspmx.l.google.com",
            "alt1.aspmx.l.google.com"
          ]
        },
        {
          "type": "NS",
          "answers": [
            "ines.ns.cloudflare.com",
            "amir.ns.cloudflare.com"
          ]
        },
        {
          "type": "TXT",
          "answers": [
            "v=spf1 include:_spf.google.com include:sendgrid.net include:email.chargebee.com include:servers.mcsv.net ~all",
            "google-site-verification=bhof7a1nmd90snoyjmz3bozznwpvsga6z9nn0fngyys"
          ]
        }
      ]
    },
    {
      "homoglyph": "binaryed.ge.io",
      "records": [
        {
          "type": "A",
          "answers": [
            "193.223.78.230"
          ]
        }
      ]
    },
    {
      "homoglyph": "binarye.dge.io",
      "records": [
        {
          "type": "MX",
          "answers": [
            "in2-smtp.messagingengine.com",
            "in1-smtp.messagingengine.com"
          ]
        }
      ]
    }
  ]
}

To end this blogpost, we would like to thank all of our customers, contributors, community members and partners for all the hardwork they've put into making BinaryEdge a platform that helps organizations protecting themselves. We are only getting started and are really excited to show you what is coming in 2020!