Hashlookup aim is to index the hashes of all the published and released software. It crawls and indexes the hashes from many different public sources which include Linux distributions, operating systems such as Windows or alternative distributions. The goal is provide a fast and efficient way for analysts, digital forensic investigators and security researchers contextual information about published software. hashlookup goal is to support digital forensic investigation but also the review of software supply chain and distribution channels.

Existing tools like dnstwist or urlcrazy are useful for identifying typosquatting, but they don't allow users to choose a generation of variation with all possible algorithms. To address this, we created a library that compiles all possible variations for a domain name. But why stop there? We also developed a user-friendly website to make the tool accessible to everyone. And now, there's a possibility to look for package squatting on platform like pypi...

In this session, we will introduce the website and its functionalities, including all possible algorithms currently implemented in the library. Our library and website are both open source, and there is even an online version available to the public, as well as MISP integration. With these resources, there is no excuse for not protecting your organization from potential typosquatting domains.