O365 Squatting first version was presented at Defcon 28 #Safemode, you can watch the talk on below link:
O365 Squatting is a python tool created to identify risky domains before the attack start. The tool can create a list of typo squatted domains based on the domain provided by the user and check all the domains against O365 infrastructure, (these domains will not appear on a DNS request).
At the same time, this tool can also be used by red teams and bug hunters, one of the classic attacks is the domain takeover based on the tool findings.
Please, follow the instructions below for installing and run O365 Squatting.
Make sure you have installed the following tools:
Python 2.X
pip (sudo apt-get install python2-pip).
$ git clone https://github.com/O365Squad/O365-Squatting.git
$ cd O365-Squatting
$ pip install -r requirements.txt
$ python o365squatting.py -h
Parameters and examples of use.
-d , -c, -f or -h are mandatory
$ python o365squatting.py -d defcon.org
$ python o365squatting.py -d defcon.org -o json
$ python o365squatting.py -c defcon.org
◾ J. Francisco Bolivar – @jfran_cbit
◾ Jose Miguel Gómez-Casero Marichal – @GcmMiguel