About

A browser-based homograph attack detector tool. No data sent to server.

📘 How to Use

  1. Paste or type the string (URL, username, etc.) into the input field
  2. Review the real-time analysis results that appear automatically below

Homograph Attack Detector


Homograph Attack & Confusable Character Detector | Spot Fake URLs & Usernames

This tool helps you detect visually similar characters (homographs) and other invisible or deceptive characters often used in phishing and spoofing attacks. By analyzing a string like a URL, email address, or username, it exposes hidden characters that could trick users into visiting malicious sites or trusting fraudulent identities.

💡 Tool Overview

  • Real-Time Analysis: Instantly inspects the string as you type, providing immediate feedback without needing to click a button.
  • Visual Highlighting: The visual preview clearly marks suspicious characters with a red underline, making them easy to spot at a glance.
  • Detailed Character Breakdown: A comprehensive table shows each character, its Unicode code point, its true identity (e.g., "Cyrillic Small Letter A"), and a clear status (Safe, Suspicious, or Info).
  • Detects Invisible Characters: Uncovers zero-width spaces and other non-printing control characters that can be used to obfuscate code or URLs.
  • Client-Side Security: Your data is not sent to any server; all processing is done entirely within your browser for maximum privacy and security.

🧐 Frequently Asked Questions

Q. What is a homograph attack?

A. A homograph (or homoglyph) attack is a deception technique where an attacker registers a domain name using characters that look identical or very similar to characters in a legitimate domain name. For example, using the Cyrillic letter 'а' (U+0430) instead of the standard Latin letter 'a' (U+0061) to create a fake domain like pаypal.com. To the naked eye, it looks correct, but it leads to a completely different, malicious server.

Q. Besides URLs, what else can this tool check?

A. You can use it to inspect any text string where character ambiguity could be a security risk. This includes email addresses, social media usernames, filenames, or even snippets of source code where an invisible character could cause compilation errors or introduce a vulnerability.

📚 A Deeper Look at Homograph Attacks

Homograph attacks are closely related to how Internationalized Domain Names (IDNs) work. To support non-Latin characters (like Japanese, Cyrillic, or Greek) in URLs, browsers use a system called Punycode. Punycode converts a Unicode string into a unique ASCII string that is safe for the Domain Name System (DNS). For example, the domain аррӏе.com (with Cyrillic letters) would be converted by the browser to xn--80ak6aa92e.com before being sent to DNS.

Attackers exploit this system by registering domains with these look-alike characters. While modern browsers have implemented defenses to warn users when a URL contains characters from multiple scripts (e.g., Latin and Cyrillic mixed together), these attacks remain a persistent threat, especially in contexts outside of the browser address bar, like emails, chat messages, and documents. This tool helps you manually verify any suspicious link or text by revealing the true Unicode identity of every character.
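The per-character breakdown and the mixed-script check discussed above can be sketched in a few lines of JavaScript. This is an added example, not the tool's own code: the function names, the script watch list and the Safe/Suspicious/Info rules are assumptions, and it reports each character's script rather than its full Unicode name. It also shows why a mixed-script check alone is not enough: the all-Cyrillic аррӏе label is single-script, so only the per-character view and the Punycode form reveal it.

```javascript
// Added example; the Safe/Suspicious/Info rules below are assumptions, not the tool's own logic.
const SCRIPTS = ["Latin", "Cyrillic", "Greek", "Armenian", "Han", "Hiragana", "Katakana"];
const SCRIPT_RE = SCRIPTS.map((name) => [name, new RegExp(`\\p{Script=${name}}`, "u")]);
const LOOKALIKE_SCRIPTS = new Set(["Cyrillic", "Greek", "Armenian"]); // assumed watch list

function scriptOf(ch) {
  const hit = SCRIPT_RE.find(([, re]) => re.test(ch));
  return hit ? hit[0] : "Other"; // digits, punctuation, unlisted scripts
}

// One row per code point (Array.from iterates code points, not UTF-16 units).
function inspect(text) {
  return Array.from(text, (ch) => {
    const cp = ch.codePointAt(0);
    const script = scriptOf(ch);
    let status = "Info"; // non-ASCII, but not on the watch list
    if (/[\p{Cf}\p{Cc}]/u.test(ch)) status = "Suspicious"; // invisible format/control
    else if (cp >= 0x20 && cp <= 0x7e) status = "Safe"; // printable ASCII
    else if (LOOKALIKE_SCRIPTS.has(script)) status = "Suspicious";
    const codePoint = "U+" + cp.toString(16).toUpperCase().padStart(4, "0");
    return { char: ch, codePoint, script, status };
  });
}

// Labels (dot-separated parts) that mix more than one known script.
function mixedScriptLabels(text) {
  return text.split(".").filter((label) => {
    const scripts = new Set(inspect(label).map((r) => r.script));
    scripts.delete("Other");
    return scripts.size > 1;
  });
}

// ASCII (Punycode) form of a hostname as the URL parser produces it, or null.
function asciiHost(host) {
  try { return new URL("http://" + host).hostname; } catch { return null; }
}

// Constructed samples: the two spoofed names from the text plus a zero-width space.
for (const s of ["p\u0430ypal.com", "\u0430\u0440\u0440\u04cf\u0435.com", "admin\u200b"]) {
  const flagged = inspect(s).filter((r) => r.status === "Suspicious").map((r) => r.codePoint);
  console.log(JSON.stringify(s), flagged, mixedScriptLabels(s), asciiHost(s));
}
```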