SpotSpoof helps you detect domain impersonation attacks using lookalike characters - both IDN homoglyphs and ASCII substitutions. I built it to be simple and easy to integrate into your security tooling.
Attackers register domains that look nearly identical to legitimate ones by swapping characters. For example, replacing the Latin "a" with a Cyrillic "а" (they look the same but are different Unicode characters). Your users might not notice "pаypal.com" isn't "paypal.com" until it's too late.
This works with both Internationalized Domain Names (IDN) that use non-ASCII characters, and regular ASCII tricks like replacing "o" with "0" or "l" with "1".
SpotSpoof scans for these lookalikes so you can proactively find and monitor domains that might be targeting your users.