What categories of variant does the tool generate?

Omission, insertion, substitution, adjacent transposition, multi-character swaps (rn, vv, cl), single-character Cyrillic homoglyphs, and TLD swaps.

Will it find every possible lookalike?

No. Real attacks include multi-character homoglyph chains and Greek, Armenian, and Latin Extended characters this tool does not enumerate.

Should I register every variant?

No. Register the highest-value handful (the closest typos, the .co/.com swap, your most common single-character omissions). Monitor the rest.

Can I use this offensively?

No. Use the output to defend a domain you own or are authorized to defend.

Does the tool send the domain anywhere?

No. Generation happens in your browser. No request leaves the page.

How do I check if a variant is registered?

Use whois on each variant, or feed the list into a passive-DNS service. The generator does not check registration status.

Lookalike Domain Generator: Typos and Homoglyphs

Enter a domain you defend, not one you want to impersonate. Educational use only.

Enter a domain above. Everything runs in your browser.

All calculations happen in your browser. We don’t store inputs.

How it works.

You enter

A domain you defend (your company, a vendor, an executive’s personal domain).

We compute

Standard typo families generated in your browser: omission, insertion, substitution, transposition, "rn" vs "m" and "vv" vs "w" multi-char swaps, single-character Cyrillic homoglyph substitutions, and a TLD swap pass.

You learn

A defensible watchlist for your monitoring stack, an SOC playbook input, or a UDRP-readiness list.

You enter

You can filter the result by category to focus on what your monitoring tooling actually checks.

We compute

No request leaves your browser. The whole list is generated and filtered locally.

You learn

A list you can copy out and feed into a domain monitor (DomainTools, Whoxy, your registrar’s typo-watch).

You enter

Use this defensively. Do not register variants for impersonation.

We compute

A short list of registered variants you find in the wild is a strong UDRP filing input; an unregistered list is a defensive registration shopping list.

You learn

Better protection against the targeted spear-phishing patterns the FBI catalogs in BEC reports.

What this tool isn’t.

This is awareness, not detection. The generator produces the families of variants that show up in real spear-phishing campaigns, but the universe of possible lookalikes is larger than what fits in a 1,000-row table. We do not check whether each variant is registered, who owns it, or whether it is currently sending mail. For that, pair the output with whois lookups, passive DNS, and a paid monitoring service. The Cyrillic homoglyph pass shows the most common single-character swaps; an attacker can chain multiple swaps or use Greek, Armenian, or Latin Extended characters that this list does not enumerate. Use the result as a starting watchlist, not a finished defense.