Show HN: Have I Been Squatted? — Check if your domain has been typosquatted
haveibeensquatted.comA different solution that runs locally is opensquat.
Thanks for sharing it!
This is cool and very useful!
It's a bit slow but understandable, so you'd permutate the input domain and then query DNS? Feels resource heavy, any caching mechanism in place? IMHO it'd be good to add some intro/info on the homepage.
Feedback, Make signing more visbile, currently you'd have to click login -> click on sign up
Feedback, I am expecting a paid premium after login but non, WIP?
Thank you!
> so you'd permutate the input domain and then query DNS?
Correct, we're running on resource-constrained lambdas right now and hoping to have some breathing room to expand on this soon. We want this to be the most accurate, point-in-time analysis of your domain so we want to push for this to run and scale rather than trying to tap into [expensive] data feeds.
> any caching mechanism in place? IMHO it'd be good to add some intro/info on the homepage.
Definitely, we had this prior with Cloudfront. As we're running on HTTP/2 stream, we simply cached the response and replayed it at the edge. We recently added signup/signin which complicated this so we've disabled it for the time. We're going to re-include it using Lambda@Edge shortly.
> Feedback, Make signing more visbile, currently you'd have to click login -> click on sign up
Noted!
> Feedback, I am expecting a paid premium after login but non, WIP?
Right now we're just giving access to more results after signin. We'll include CSV exports, some detailed results for free to help analysts. We're exploring premium features where you pay for recurring alerts about your domain with report history. Happy to hear what you feel are features you'd be happy to have included (and perhaps pay for?).
Another reason it may feel a little bit slow is because the client is completing an invisible CAPTCHA challenge to curb bots/abuse (we may be able to improve this experience for authenticated users eventually)
Hi HN, I invite all of you to try out Have I Been Squatted. Around a year ago we shared an alpha project called Have I Been Squatted, a small free tool for users to generate and understand their domain’s security posture with regards to typosquatting. The original version hug-to-death’ed[1][2] so we decided to rethink the UI and internals to (hopefully) mitigate this.
Happy to get any valuable feedback, stories or questions. You're also all welcome to our Discord[3] if you want to talk about your use-cases or what you found using our tool!
If you're curious about building your own version, you can try out our open-source permutation library, `twistrs`[4].
[1]: https://news.ycombinator.com/item?id=32985139
[2]: https://lobste.rs/s/k719vs/have_i_been_sqautted_free_dns#c_f...
Is the logo someone farting?
Oh god we can’t unsee it now. Was meant to be someone “squatting”. This comment is getting framed
How did no one catch that? This is hilarious though
I've used https://dnstwist.it in the past