Fork me on GitHub

IDN Homograph Attack Example

An IDN Homograph Attack is using unicode to make a domain name that looks similar to another domain name. These threats can be mitigated by using Punycode and by being more careful of clicking on URLS.


http://ĝ -- ĝ not g

http://ḃ -- ḃ not b

http://asĸ.com -- ĸ not k

Unprotected Software:

Please keep this list updated! These programs do not escape these unsafe URLs:

  1. Mozilla Firefox(43.0.4) partial protection as of January 25th 2016. Bug reports: 0, 1, 2, 3,
  2. Microsoft Visual Studio Community Edition(14.0.24720.00) no support as of January 25th 2016
  3. SharpDevelop(5.1.0, build 5134) no support as of February 25th 2016. Bug reports: 749
  4. Libre Office( no support as of January 26th 2016, bug reports: 97438
  5. Gnome Terminal(3.14.1) no support as of January 26th 2016