/r/netsec 是一个信息安全社区聚合器,旨在为从业者提供价值。最近分享了Typo squat Detective游戏,帮助识别相似域名中的数字字母混淆、Unicode同形字符和Punycode技巧。 2025-9-11 09:39:47 Author: www.reddit.com(查看原文) 阅读量:3 收藏
/r/netsec is a community-curated aggregator of technical information security content. Our mission is to extract signal from the noise — to provide value to security practitioners, students, researchers, and hackers everywhere.
With the recent npm/Node.js supply chain incident (phished maintainer, 18 packages briefly shipping crypto-stealing code), I wanted to share a small project:
Typo squat Detective, a 2-3 minute browser game to practice spotting look-alike domains.
It covers:
• Numbers ↔ letters (1 ↔ l, 0 ↔ o)
• Unicode homoglyphs (Cyrillic/Greek lookalikes)
• Punycode (xn--) tricks
Play it here: https://typo.himanshuanand.com/
Curious to hear which tricks fooled you and if you would like more levels/brands.
如有侵权请联系:admin#unsafe.sh