Defangs and refangs malicious URLs
Project description
Defangs and refangs malicious URLs
Usage
As a script: use the defang command to defang or “refang” content, supporting both stdin/stdout streams as well as to/from files on disk:
$ echo http://evil.example.com/malicious.php | defang hXXp://evil.example[.]com/malicious.php
As a library:
>>> from defang import defang >>> url = "http://evil.example.com/malicious.php" >>> defang(url) 'hXXp://evil.example[.]com/malicious.php'
We’ve added a few new keyword argument options:
>>> defang(url, colon=True) 'hXXp[:]//evil.example[.]com/malicious.php' >>> defang(url, all_dots=True) 'hXXp://evil[.]example[.]com/malicious.php' >>> defang(url, zero_width_replace=True) 'h\u200bt\u200bt\u200bp\u200b:\u200b/\u200b/\u200be\u200bv\u200bi\u200bl\u200b.\u200be\u200bx\u200ba\u200bm\u200bp\u200bl\u200be\u200b.\u200bc\u200bo\u200bm\u200b/\u200bm\u200ba\u200bl\u200bi\u200bc\u200bi\u200bo\u200bu\u200bs\u200b.\u200bp\u200bh\u200bp' # printed as 'http://evil.example.com/malicious.php'
Releases
- 0.5.3:
Merged in optional feature to split characters with the zero-width character.
- 0.5.2:
left in a debug print message in my last patch… removed it.
- 0.5.1:
refangs boxed in colons [:]
- 0.5.0:
added new options to defang
all_dots=True will turn all dots into [.] and not just the one before the TLD
colon=True will translate http:// into http[:]// as well as other protocols
- 0.4.0:
added support for URIs with IPv4
- 0.3.0:
added some regex fixes and arbitrary protocol defanging
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.