Phishing

The whole docs section is work in progress. Feedback is highly welcome.

General

Cybersquatting

IDN homograph attack

Wiki:
IDN homograph attack

Punycode

Demos:
Apple.com by Xudong Zheng
Epic.com from Wordfence

Defense

Client
General:
Check the SSL cert or URL
If uncertain, retype the URL in the address bar
Firefox:
  1. about:config
  2. search for punycode
  3. set value of network.IDN_show_punycode from false to true
xn--:
'ASCII compatible encoding' prefix
Examples:
Cyrillic "а" (U+0430)
Latin "a" (U+0041)
Todo:
Punycode/Unicode
Active Pentest test
Spear phishing
Defense methods for admins and users
Test Punycode in other browsers
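
For the admin side of the defense, the check that Firefox's `network.IDN_show_punycode` setting gives the user can also be run over hostnames taken from mail or proxy logs. The following is an added example, not part of the original docs: it decodes every `xn--` label and lists each non-ASCII code point, such as the Cyrillic "а" (U+0430) from the examples above. The function names, the verdict strings and the sample hostname are assumptions made for this illustration, and the script detection is a heuristic based on Unicode character names.

```python
import unicodedata

ACE_PREFIX = "xn--"  # the 'ASCII compatible encoding' prefix


def decode_label(label):
    """Return the Unicode form of one DNS label (unchanged if it has no ACE prefix)."""
    if label.lower().startswith(ACE_PREFIX):
        return label[len(ACE_PREFIX):].encode("ascii").decode("punycode")
    return label


def letter_scripts(text):
    """Approximate each letter's script by the first word of its Unicode name."""
    return {unicodedata.name(c, "UNKNOWN").split()[0] for c in text if c.isalpha()}


def inspect_host(host):
    """Decode each label; report its verdict and every non-ASCII code point."""
    report = []
    for label in host.rstrip(".").split("."):
        try:
            shown = decode_label(label)
        except UnicodeError:
            report.append({"label": label, "unicode": None,
                           "verdict": "invalid-punycode", "non_ascii": []})
            continue
        scripts = letter_scripts(shown)
        if shown.isascii():
            verdict = "ascii"
        elif len(scripts) > 1:
            verdict = "mixed-script"  # e.g. Latin letters plus one Cyrillic letter
        else:
            verdict = "single-script-idn"  # legitimate IDN or whole-script lookalike
        non_ascii = [f"U+{ord(c):04X} {unicodedata.name(c, 'UNKNOWN')}"
                     for c in shown if ord(c) > 127]
        report.append({"label": label, "unicode": shown,
                       "verdict": verdict, "non_ascii": non_ascii})
    return report


def make_ace(label):
    """Build a constructed sample: encode a Unicode label to its xn-- form."""
    return ACE_PREFIX + label.encode("punycode").decode("ascii")


if __name__ == "__main__":
    # Constructed sample: "example" with Cyrillic U+0430 in place of the Latin letter.
    for row in inspect_host(make_ace("ex\u0430mple") + ".com"):
        print(row)
```

A `single-script-idn` verdict still needs a human look, because a label written entirely in one non-Latin script can be a legitimate internationalized name or a whole-script lookalike.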

Helpful links

Great look up for unicode characters:
http://unicode-search.net/
