BurtTheCoder/mcp-dnstwist

Overview

An MCP server wrapping dnstwist, a DNS fuzzing tool that generates domain permutations to detect typosquatting, phishing, and corporate espionage. It accepts a domain and returns a list of similar domains with their DNS records and threat classifications.

Best for

Best for
Security engineers and developers who need to automate typosquatting detection in MCP-based toolchains.

Use cases

• Scan for lookalike domains targeting your brand
• Automate phishing domain discovery in security pipelines
• Integrate domain threat intelligence into MCP-compatible assistants

Notes

An MCP server wrapping dnstwist, a DNS fuzzing tool that generates domain permutations to detect typosquatting, phishing, and corporate espionage. It accepts a domain and returns a list of similar domains with their DNS records and threat classifications.

50 stars on GitHub. Last updated 2025-03-03. Licensed MIT.

Use cases

• Scan for lookalike domains targeting your brand
• Automate phishing domain discovery in security pipelines
• Integrate domain threat intelligence into MCP-compatible assistants

Pros

• Leverages the well-established dnstwist engine for accurate fuzzing
• Simple MCP interface makes it easy to plug into AI workflows
• Lightweight JavaScript implementation with clear output

Cons

• Limited to DNS-based detection, no deep content analysis
• Requires an MCP-compatible host to run
• Small community (50 stars) may mean slower updates

Indexed from awesome-mcp-servers-punkpeye and enriched against its public facts.