├── .gitignore ├── README.md ├── data ├── TLDs.txt └── unicodes.txt ├── script ├── get_latest_TLDs.py └── get_latest_unicode.py └── toy.py /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | build/ 12 | develop-eggs/ 13 | dist/ 14 | downloads/ 15 | eggs/ 16 | .eggs/ 17 | lib/ 18 | lib64/ 19 | parts/ 20 | sdist/ 21 | var/ 22 | wheels/ 23 | pip-wheel-metadata/ 24 | share/python-wheels/ 25 | *.egg-info/ 26 | .installed.cfg 27 | *.egg 28 | MANIFEST 29 | 30 | # PyInstaller 31 | # Usually these files are written by a python script from a template 32 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 33 | *.manifest 34 | *.spec 35 | 36 | # Installer logs 37 | pip-log.txt 38 | pip-delete-this-directory.txt 39 | 40 | # Unit test / coverage reports 41 | htmlcov/ 42 | .tox/ 43 | .nox/ 44 | .coverage 45 | .coverage.* 46 | .cache 47 | nosetests.xml 48 | coverage.xml 49 | *.cover 50 | *.py,cover 51 | .hypothesis/ 52 | .pytest_cache/ 53 | 54 | # Translations 55 | *.mo 56 | *.pot 57 | 58 | # Django stuff: 59 | *.log 60 | local_settings.py 61 | db.sqlite3 62 | db.sqlite3-journal 63 | 64 | # Flask stuff: 65 | instance/ 66 | .webassets-cache 67 | 68 | # Scrapy stuff: 69 | .scrapy 70 | 71 | # Sphinx documentation 72 | docs/_build/ 73 | 74 | # PyBuilder 75 | target/ 76 | 77 | # Jupyter Notebook 78 | .ipynb_checkpoints 79 | 80 | # IPython 81 | profile_default/ 82 | ipython_config.py 83 | 84 | # pyenv 85 | .python-version 86 | 87 | # pipenv 88 | # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. 89 | # However, in case of collaboration, if having platform-specific dependencies or dependencies 90 | # having no cross-platform support, pipenv may install dependencies that don't work, or not 91 | # install all needed dependencies. 92 | #Pipfile.lock 93 | 94 | # PEP 582; used by e.g. github.com/David-OConnor/pyflow 95 | __pypackages__/ 96 | 97 | # Celery stuff 98 | celerybeat-schedule 99 | celerybeat.pid 100 | 101 | # SageMath parsed files 102 | *.sage.py 103 | 104 | # Environments 105 | .env 106 | .venv 107 | env/ 108 | venv/ 109 | ENV/ 110 | env.bak/ 111 | venv.bak/ 112 | 113 | # Spyder project settings 114 | .spyderproject 115 | .spyproject 116 | 117 | # Rope project settings 118 | .ropeproject 119 | 120 | # mkdocs documentation 121 | /site 122 | 123 | # mypy 124 | .mypy_cache/ 125 | .dmypy.json 126 | dmypy.json 127 | 128 | # Pyre type checker 129 | .pyre/ 130 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # UnicodeToy 2 | Unicode fuzzer for various purposes 3 | > Unicode based on version 14.0 4 | 5 | # features 6 | - Generate the shortest xss domain payload 7 | - Generate unicode str, use NFKC mechanism to bypass some filter: python3, rust...(N-CTF 2019 python_jail), you know, homograph 8 | - ... 9 | 10 | 11 | # usage 12 | - `toy.py` main tool 13 | - `script/get_latest_TLDs.py` grab latest TLD from IANA 14 | - `script/get_latest_unicode.py` grab latest unicode collection from unicode.org (version 14.0.0) 15 | 16 | ## generate ascii to homograph[unicodes] map 17 | for your custom purpose, you can generate the whole table, choose something you need. 18 | 19 | - case 1: 20 | strict mode: 21 | ```python 22 | print("chr \t ascii_index \t homograph_list") 23 | for k, v in _gen_ascii_map(strict_mode=True).items(): 24 | print(f"({k}) \t {ord(k)} \t {v}") 25 | 26 | ``` 27 | 28 | output: 29 | ```csv 30 | chr ascii_index homograph_list 31 | ( ) 32 ['\xa0', '\u2000', '\u2001', '\u2002', '\u2003', '\u2004', '\u2005', '\u2006', '\u2007', '\u2008', '\u2009', '\u200a', '\u202f', '\u205f', '\u3000'] 32 | (a) 97 ['ª', 'ᵃ', 'ₐ', 'ⓐ', 'a', '𝐚', '𝑎', '𝒂', '𝒶', '𝓪', '𝔞', '𝕒', '𝖆', '𝖺', '𝗮', '𝘢', '𝙖', '𝚊'] 33 | (2) 50 ['²', '₂', '②', '2', '𝟐', '𝟚', '𝟤', '𝟮', '𝟸'] 34 | (3) 51 ['³', '₃', '③', '3', '𝟑', '𝟛', '𝟥', '𝟯', '𝟹'] 35 | (1) 49 ['¹', '₁', '①', '1', '𝟏', '𝟙', '𝟣', '𝟭', '𝟷'] 36 | (o) 111 ['º', 'ᵒ', 'ₒ', 'ℴ', 'ⓞ', 'o', '𝐨', '𝑜', '𝒐', '𝓸', '𝔬', '𝕠', '𝖔', '𝗈', '𝗼', '𝘰', '𝙤', '𝚘'] 37 | (s) 115 ['ſ', 'ˢ', 'ₛ', 'ⓢ', 's', '𝐬', '𝑠', '𝒔', '𝓈', '𝓼', '𝔰', '𝕤', '𝖘', '𝗌', '𝘀', '𝘴', '𝙨', '𝚜'] 38 | (h) 104 ['ʰ', 'ₕ', 'ℎ', 'ⓗ', 'h', '𝐡', '𝒉', '𝒽', '𝓱', '𝔥', '𝕙', '𝖍', '𝗁', '𝗵', '𝘩', '𝙝', '𝚑'] 39 | (j) 106 ['ʲ', 'ⅉ', 'ⓙ', 'ⱼ', 'j', '𝐣', '𝑗', '𝒋', '𝒿', '𝓳', '𝔧', '𝕛', '𝖏', '𝗃', '𝗷', '𝘫', '𝙟', '𝚓'] 40 | (r) 114 ['ʳ', 'ᵣ', 'ⓡ', 'r', '𝐫', '𝑟', '𝒓', '𝓇', '𝓻', '𝔯', '𝕣', '𝖗', '𝗋', '𝗿', '𝘳', '𝙧', '𝚛'] 41 | (w) 119 ['ʷ', 'ⓦ', 'w', '𝐰', '𝑤', '𝒘', '𝓌', '𝔀', '𝔴', '𝕨', '𝖜', '𝗐', '𝘄', '𝘸', '𝙬', '𝚠'] 42 | (y) 121 ['ʸ', 'ⓨ', 'y', '𝐲', '𝑦', '𝒚', '𝓎', '𝔂', '𝔶', '𝕪', '𝖞', '𝗒', '𝘆', '𝘺', '𝙮', '𝚢'] 43 | (l) 108 ['ˡ', 'ₗ', 'ℓ', 'ⅼ', 'ⓛ', 'l', '𝐥', '𝑙', '𝒍', '𝓁', '𝓵', '𝔩', '𝕝', '𝖑', '𝗅', '𝗹', '𝘭', '𝙡', '𝚕'] 44 | (x) 120 ['ˣ', 'ₓ', 'ⅹ', 'ⓧ', 'x', '𝐱', '𝑥', '𝒙', '𝓍', '𝔁', '𝔵', '𝕩', '𝖝', '𝗑', '𝘅', '𝘹', '𝙭', '𝚡'] 45 | (;) 59 [';', '︔', '﹔', ';'] 46 | (A) 65 ['ᴬ', 'Ⓐ', 'A', '𝐀', '𝐴', '𝑨', '𝒜', '𝓐', '𝔄', '𝔸', '𝕬', '𝖠', '𝗔', '𝘈', '𝘼', '𝙰', '🄰'] 47 | (B) 66 ['ᴮ', 'ℬ', 'Ⓑ', 'B', '𝐁', '𝐵', '𝑩', '𝓑', '𝔅', '𝔹', '𝕭', '𝖡', '𝗕', '𝘉', '𝘽', '𝙱', '🄱'] 48 | (D) 68 ['ᴰ', 'ⅅ', 'Ⅾ', 'Ⓓ', 'D', '𝐃', '𝐷', '𝑫', '𝒟', '𝓓', '𝔇', '𝔻', '𝕯', '𝖣', '𝗗', '𝘋', '𝘿', '𝙳', '🄳'] 49 | (E) 69 ['ᴱ', 'ℰ', 'Ⓔ', 'E', '𝐄', '𝐸', '𝑬', '𝓔', '𝔈', '𝔼', '𝕰', '𝖤', '𝗘', '𝘌', '𝙀', '𝙴', '🄴'] 50 | (G) 71 ['ᴳ', 'Ⓖ', 'G', '𝐆', '𝐺', '𝑮', '𝒢', '𝓖', '𝔊', '𝔾', '𝕲', '𝖦', '𝗚', '𝘎', '𝙂', '𝙶', '🄶'] 51 | (H) 72 ['ᴴ', 'ℋ', 'ℌ', 'ℍ', 'Ⓗ', 'H', '𝐇', '𝐻', '𝑯', '𝓗', '𝕳', '𝖧', '𝗛', '𝘏', '𝙃', '𝙷', '🄷'] 52 | (I) 73 ['ᴵ', 'ℐ', 'ℑ', 'Ⅰ', 'Ⓘ', 'I', '𝐈', '𝐼', '𝑰', '𝓘', '𝕀', '𝕴', '𝖨', '𝗜', '𝘐', '𝙄', '𝙸', '🄸'] 53 | (J) 74 ['ᴶ', 'Ⓙ', 'J', '𝐉', '𝐽', '𝑱', '𝒥', '𝓙', '𝔍', '𝕁', '𝕵', '𝖩', '𝗝', '𝘑', '𝙅', '𝙹', '🄹'] 54 | (K) 75 ['ᴷ', 'K', 'Ⓚ', 'K', '𝐊', '𝐾', '𝑲', '𝒦', '𝓚', '𝔎', '𝕂', '𝕶', '𝖪', '𝗞', '𝘒', '𝙆', '𝙺', '🄺'] 55 | (L) 76 ['ᴸ', 'ℒ', 'Ⅼ', 'Ⓛ', 'L', '𝐋', '𝐿', '𝑳', '𝓛', '𝔏', '𝕃', '𝕷', '𝖫', '𝗟', '𝘓', '𝙇', '𝙻', '🄻'] 56 | (M) 77 ['ᴹ', 'ℳ', 'Ⅿ', 'Ⓜ', 'M', '𝐌', '𝑀', '𝑴', '𝓜', '𝔐', '𝕄', '𝕸', '𝖬', '𝗠', '𝘔', '𝙈', '𝙼', '🄼'] 57 | (N) 78 ['ᴺ', 'ℕ', 'Ⓝ', 'N', '𝐍', '𝑁', '𝑵', '𝒩', '𝓝', '𝔑', '𝕹', '𝖭', '𝗡', '𝘕', '𝙉', '𝙽', '🄽'] 58 | (O) 79 ['ᴼ', 'Ⓞ', 'O', '𝐎', '𝑂', '𝑶', '𝒪', '𝓞', '𝔒', '𝕆', '𝕺', '𝖮', '𝗢', '𝘖', '𝙊', '𝙾', '🄾'] 59 | (P) 80 ['ᴾ', 'ℙ', 'Ⓟ', 'P', '𝐏', '𝑃', '𝑷', '𝒫', '𝓟', '𝔓', '𝕻', '𝖯', '𝗣', '𝘗', '𝙋', '𝙿', '🄿'] 60 | (R) 82 ['ᴿ', 'ℛ', 'ℜ', 'ℝ', 'Ⓡ', 'R', '𝐑', '𝑅', '𝑹', '𝓡', '𝕽', '𝖱', '𝗥', '𝘙', '𝙍', '𝚁', '🄬', '🅁'] 61 | (T) 84 ['ᵀ', 'Ⓣ', 'T', '𝐓', '𝑇', '𝑻', '𝒯', '𝓣', '𝔗', '𝕋', '𝕿', '𝖳', '𝗧', '𝘛', '𝙏', '𝚃', '🅃'] 62 | (U) 85 ['ᵁ', 'Ⓤ', 'U', '𝐔', '𝑈', '𝑼', '𝒰', '𝓤', '𝔘', '𝕌', '𝖀', '𝖴', '𝗨', '𝘜', '𝙐', '𝚄', '🅄'] 63 | (W) 87 ['ᵂ', 'Ⓦ', 'W', '𝐖', '𝑊', '𝑾', '𝒲', '𝓦', '𝔚', '𝕎', '𝖂', '𝖶', '𝗪', '𝘞', '𝙒', '𝚆', '🅆'] 64 | (b) 98 ['ᵇ', 'ⓑ', 'b', '𝐛', '𝑏', '𝒃', '𝒷', '𝓫', '𝔟', '𝕓', '𝖇', '𝖻', '𝗯', '𝘣', '𝙗', '𝚋'] 65 | (d) 100 ['ᵈ', 'ⅆ', 'ⅾ', 'ⓓ', 'd', '𝐝', '𝑑', '𝒅', '𝒹', '𝓭', '𝔡', '𝕕', '𝖉', '𝖽', '𝗱', '𝘥', '𝙙', '𝚍'] 66 | (e) 101 ['ᵉ', 'ₑ', 'ℯ', 'ⅇ', 'ⓔ', 'e', '𝐞', '𝑒', '𝒆', '𝓮', '𝔢', '𝕖', '𝖊', '𝖾', '𝗲', '𝘦', '𝙚', '𝚎'] 67 | (g) 103 ['ᵍ', 'ℊ', 'ⓖ', 'g', '𝐠', '𝑔', '𝒈', '𝓰', '𝔤', '𝕘', '𝖌', '𝗀', '𝗴', '𝘨', '𝙜', '𝚐'] 68 | (k) 107 ['ᵏ', 'ₖ', 'ⓚ', 'k', '𝐤', '𝑘', '𝒌', '𝓀', '𝓴', '𝔨', '𝕜', '𝖐', '𝗄', '𝗸', '𝘬', '𝙠', '𝚔'] 69 | (m) 109 ['ᵐ', 'ₘ', 'ⅿ', 'ⓜ', 'm', '𝐦', '𝑚', '𝒎', '𝓂', '𝓶', '𝔪', '𝕞', '𝖒', '𝗆', '𝗺', '𝘮', '𝙢', '𝚖'] 70 | (p) 112 ['ᵖ', 'ₚ', 'ⓟ', 'p', '𝐩', '𝑝', '𝒑', '𝓅', '𝓹', '𝔭', '𝕡', '𝖕', '𝗉', '𝗽', '𝘱', '𝙥', '𝚙'] 71 | (t) 116 ['ᵗ', 'ₜ', 'ⓣ', 't', '𝐭', '𝑡', '𝒕', '𝓉', '𝓽', '𝔱', '𝕥', '𝖙', '𝗍', '𝘁', '𝘵', '𝙩', '𝚝'] 72 | (u) 117 ['ᵘ', 'ᵤ', 'ⓤ', 'u', '𝐮', '𝑢', '𝒖', '𝓊', '𝓾', '𝔲', '𝕦', '𝖚', '𝗎', '𝘂', '𝘶', '𝙪', '𝚞'] 73 | (v) 118 ['ᵛ', 'ᵥ', 'ⅴ', 'ⓥ', 'v', '𝐯', '𝑣', '𝒗', '𝓋', '𝓿', '𝔳', '𝕧', '𝖛', '𝗏', '𝘃', '𝘷', '𝙫', '𝚟'] 74 | (i) 105 ['ᵢ', 'ⁱ', 'ℹ', 'ⅈ', 'ⅰ', 'ⓘ', 'i', '𝐢', '𝑖', '𝒊', '𝒾', '𝓲', '𝔦', '𝕚', '𝖎', '𝗂', '𝗶', '𝘪', '𝙞', '𝚒'] 75 | (c) 99 ['ᶜ', 'ⅽ', 'ⓒ', 'c', '𝐜', '𝑐', '𝒄', '𝒸', '𝓬', '𝔠', '𝕔', '𝖈', '𝖼', '𝗰', '𝘤', '𝙘', '𝚌'] 76 | (f) 102 ['ᶠ', 'ⓕ', 'f', '𝐟', '𝑓', '𝒇', '𝒻', '𝓯', '𝔣', '𝕗', '𝖋', '𝖿', '𝗳', '𝘧', '𝙛', '𝚏'] 77 | (z) 122 ['ᶻ', 'ⓩ', 'z', '𝐳', '𝑧', '𝒛', '𝓏', '𝔃', '𝔷', '𝕫', '𝖟', '𝗓', '𝘇', '𝘻', '𝙯', '𝚣'] 78 | (`) 96 ['`', '`'] 79 | (.) 46 ['․', '﹒', '.'] 80 | (0) 48 ['⁰', '₀', '⓪', '0', '𝟎', '𝟘', '𝟢', '𝟬', '𝟶'] 81 | (4) 52 ['⁴', '₄', '④', '4', '𝟒', '𝟜', '𝟦', '𝟰', '𝟺'] 82 | (5) 53 ['⁵', '₅', '⑤', '5', '𝟓', '𝟝', '𝟧', '𝟱', '𝟻'] 83 | (6) 54 ['⁶', '₆', '⑥', '6', '𝟔', '𝟞', '𝟨', '𝟲', '𝟼'] 84 | (7) 55 ['⁷', '₇', '⑦', '7', '𝟕', '𝟟', '𝟩', '𝟳', '𝟽'] 85 | (8) 56 ['⁸', '₈', '⑧', '8', '𝟖', '𝟠', '𝟪', '𝟴', '𝟾'] 86 | (9) 57 ['⁹', '₉', '⑨', '9', '𝟗', '𝟡', '𝟫', '𝟵', '𝟿'] 87 | (+) 43 ['⁺', '₊', '﬩', '﹢', '+'] 88 | (=) 61 ['⁼', '₌', '﹦', '='] 89 | (() 40 ['⁽', '₍', '︵', '﹙', '('] 90 | ()) 41 ['⁾', '₎', '︶', '﹚', ')'] 91 | (n) 110 ['ⁿ', 'ₙ', 'ⓝ', 'n', '𝐧', '𝑛', '𝒏', '𝓃', '𝓷', '𝔫', '𝕟', '𝖓', '𝗇', '𝗻', '𝘯', '𝙣', '𝚗'] 92 | (C) 67 ['ℂ', 'ℭ', 'Ⅽ', 'Ⓒ', 'C', '𝐂', '𝐶', '𝑪', '𝒞', '𝓒', '𝕮', '𝖢', '𝗖', '𝘊', '𝘾', '𝙲', '🄫', '🄲'] 93 | (Q) 81 ['ℚ', 'Ⓠ', 'Q', '𝐐', '𝑄', '𝑸', '𝒬', '𝓠', '𝔔', '𝕼', '𝖰', '𝗤', '𝘘', '𝙌', '𝚀', '🅀'] 94 | (Z) 90 ['ℤ', 'ℨ', 'Ⓩ', 'Z', '𝐙', '𝑍', '𝒁', '𝒵', '𝓩', '𝖅', '𝖹', '𝗭', '𝘡', '𝙕', '𝚉', '🅉'] 95 | (F) 70 ['ℱ', 'Ⓕ', 'F', '𝐅', '𝐹', '𝑭', '𝓕', '𝔉', '𝔽', '𝕱', '𝖥', '𝗙', '𝘍', '𝙁', '𝙵', '🄵'] 96 | (V) 86 ['Ⅴ', 'Ⓥ', 'ⱽ', 'V', '𝐕', '𝑉', '𝑽', '𝒱', '𝓥', '𝔙', '𝕍', '𝖁', '𝖵', '𝗩', '𝘝', '𝙑', '𝚅', '🅅'] 97 | (X) 88 ['Ⅹ', 'Ⓧ', 'X', '𝐗', '𝑋', '𝑿', '𝒳', '𝓧', '𝔛', '𝕏', '𝖃', '𝖷', '𝗫', '𝘟', '𝙓', '𝚇', '🅇'] 98 | (S) 83 ['Ⓢ', 'S', '𝐒', '𝑆', '𝑺', '𝒮', '𝓢', '𝔖', '𝕊', '𝕾', '𝖲', '𝗦', '𝘚', '𝙎', '𝚂', '🅂'] 99 | (Y) 89 ['Ⓨ', 'Y', '𝐘', '𝑌', '𝒀', '𝒴', '𝓨', '𝔜', '𝕐', '𝖄', '𝖸', '𝗬', '𝘠', '𝙔', '𝚈', '🅈'] 100 | (q) 113 ['ⓠ', 'q', '𝐪', '𝑞', '𝒒', '𝓆', '𝓺', '𝔮', '𝕢', '𝖖', '𝗊', '𝗾', '𝘲', '𝙦', '𝚚'] 101 | (,) 44 ['︐', '﹐', ','] 102 | (:) 58 ['︓', '﹕', ':'] 103 | (!) 33 ['︕', '﹗', '!'] 104 | (?) 63 ['︖', '﹖', '?'] 105 | (_) 95 ['︳', '︴', '﹍', '﹎', '﹏', '_'] 106 | ({) 123 ['︷', '﹛', '{'] 107 | (}) 125 ['︸', '﹜', '}'] 108 | ([) 91 ['﹇', '['] 109 | (]) 93 ['﹈', ']'] 110 | (#) 35 ['﹟', '#'] 111 | (&) 38 ['﹠', '&'] 112 | (*) 42 ['﹡', '*'] 113 | (-) 45 ['﹣', '-'] 114 | (<) 60 ['﹤', '<'] 115 | (>) 62 ['﹥', '>'] 116 | (\) 92 ['﹨', '\'] 117 | ($) 36 ['﹩', '$'] 118 | (%) 37 ['﹪', '%'] 119 | (@) 64 ['﹫', '@'] 120 | (") 34 ['"'] 121 | (') 39 ['''] 122 | (/) 47 ['/'] 123 | (^) 94 ['^'] 124 | (|) 124 ['|'] 125 | (~) 126 ['~'] 126 | ``` 127 | 128 | - case 2: lax mode 129 | ```python 130 | print("chr \t ascii_index \t homograph_list") 131 | for k, v in _gen_ascii_map(strict_mode=False).items(): 132 | print(f"({k}) \t {ord(k)} \t {v}") 133 | 134 | ``` 135 | output: 136 | 137 | ```csv 138 | chr ascii_index homograph_list 139 | ( ) 32 ['\xa0', '¨', '¯', '´', '¸', '˘', '˙', '˚', '˛', '˜', '˝', 'ͺ', '΄', '΅', '᾽', '᾿', '῀', '῁', '῍', '῎', '῏', '῝', '῞', '῟', '῭', '΅', '´', '῾', '\u2000', '\u2001', '\u2002', '\u2003', '\u2004', '\u2005', '\u2006', '\u2007', '\u2008', '\u2009', '\u200a', '‗', '\u202f', '‾', '\u205f', '\u3000', '゛', '゜', 'ﱞ', 'ﱟ', 'ﱠ', 'ﱡ', 'ﱢ', 'ﱣ', 'ﷺ', 'ﷺ', 'ﷺ', 'ﷻ', '﹉', '﹊', '﹋', '﹌', 'ﹰ', 'ﹲ', 'ﹴ', 'ﹶ', 'ﹸ', 'ﹺ', 'ﹼ', 'ﹾ', ' ̄'] 140 | (a) 97 ['ª', 'ᵃ', 'ẚ', 'ₐ', '℀', '℁', '⒜', 'ⓐ', '㍱', '㍲', '㍴', '㎈', '㎉', '㎩', '㎪', '㎫', '㎬', '㎭', '㎮', '㎯', '㏂', '㏊', '㏿', 'a', '𝐚', '𝑎', '𝒂', '𝒶', '𝓪', '𝔞', '𝕒', '𝖆', '𝖺', '𝗮', '𝘢', '𝙖', '𝚊'] 141 | (2) 50 ['²', '½', '₂', '⅔', '⅖', '②', '⑫', '⑳', '⑵', '⑿', '⒇', '⒉', '⒓', '⒛', '㉑', '㉒', '㉒', '㉓', '㉔', '㉕', '㉖', '㉗', '㉘', '㉙', '㉜', '㊷', '㋁', '㋋', '㍚', '㍤', '㍬', '㍭', '㍮', '㍮', '㍯', '㍰', '㍸', '㎟', '㎠', '㎡', '㎢', '㎨', '㎯', '㏡', '㏫', '㏳', '㏴', '㏵', '㏵', '㏶', '㏷', '㏸', '㏹', '㏺', '㏻', '㏼', '2', '𝟐', '𝟚', '𝟤', '𝟮', '𝟸', '🄃'] 142 | (3) 51 ['³', '¾', '₃', '⅓', '⅔', '⅗', '⅜', '↉', '③', '⑬', '⑶', '⒀', '⒊', '⒔', '㉓', '㉚', '㉛', '㉜', '㉝', '㉝', '㉞', '㉟', '㊱', '㊲', '㊳', '㊴', '㊸', '㋂', '㍛', '㍥', '㍯', '㍹', '㎣', '㎤', '㎥', '㎦', '㏢', '㏬', '㏶', '㏽', '㏾', '3', '𝟑', '𝟛', '𝟥', '𝟯', '𝟹', '🄄'] 143 | (1) 49 ['¹', '¼', '½', '₁', '⅐', '⅑', '⅒', '⅒', '⅓', '⅕', '⅙', '⅛', '⅟', '①', '⑩', '⑪', '⑪', '⑫', '⑬', '⑭', '⑮', '⑯', '⑰', '⑱', '⑲', '⑴', '⑽', '⑾', '⑾', '⑿', '⒀', '⒁', '⒂', '⒃', '⒄', '⒅', '⒆', '⒈', '⒑', '⒒', '⒒', '⒓', '⒔', '⒕', '⒖', '⒗', '⒘', '⒙', '⒚', '㉑', '㉛', '㊶', '㋀', '㋉', '㋊', '㋊', '㋋', '㍙', '㍢', '㍣', '㍣', '㍤', '㍥', '㍦', '㍧', '㍨', '㍩', '㍪', '㍫', '㍭', '㏠', '㏩', '㏪', '㏪', '㏫', '㏬', '㏭', '㏮', '㏯', '㏰', '㏱', '㏲', '㏴', '㏾', '1', '𝟏', '𝟙', '𝟣', '𝟭', '𝟷', '🄂'] 144 | (o) 111 ['º', 'ᵒ', 'ₒ', '℅', '№', 'ℴ', '⒪', 'ⓞ', '㍵', '㏇', '㏒', '㏖', 'o', '𝐨', '𝑜', '𝒐', '𝓸', '𝔬', '𝕠', '𝖔', '𝗈', '𝗼', '𝘰', '𝙤', '𝚘'] 145 | (4) 52 ['¼', '¾', '⁴', '₄', '⅘', '④', '⑭', '⑷', '⒁', '⒋', '⒕', '㉔', '㉞', '㊵', '㊶', '㊷', '㊸', '㊹', '㊹', '㊺', '㊻', '㊼', '㊽', '㊾', '㋃', '㍜', '㍦', '㍰', '㏣', '㏭', '㏷', '4', '𝟒', '𝟜', '𝟦', '𝟰', '𝟺', '🄅'] 146 | (I) 73 ['IJ', 'ᴵ', 'ℐ', 'ℑ', 'Ⅰ', 'Ⅱ', 'Ⅱ', 'Ⅲ', 'Ⅲ', 'Ⅲ', 'Ⅳ', 'Ⅵ', 'Ⅶ', 'Ⅶ', 'Ⅷ', 'Ⅷ', 'Ⅷ', 'Ⅸ', 'Ⅺ', 'Ⅻ', 'Ⅻ', 'Ⓘ', '㍺', 'I', '𝐈', '𝐼', '𝑰', '𝓘', '𝕀', '𝕴', '𝖨', '𝗜', '𝘐', '𝙄', '𝙸', '🄘', '🄸'] 147 | (J) 74 ['IJ', 'LJ', 'NJ', 'ᴶ', 'Ⓙ', 'J', '𝐉', '𝐽', '𝑱', '𝒥', '𝓙', '𝔍', '𝕁', '𝕵', '𝖩', '𝗝', '𝘑', '𝙅', '𝙹', '🄙', '🄹', '🆐'] 148 | (i) 105 ['ij', 'ᵢ', 'ⁱ', 'ℹ', 'ⅈ', 'ⅰ', 'ⅱ', 'ⅱ', 'ⅲ', 'ⅲ', 'ⅲ', 'ⅳ', 'ⅵ', 'ⅶ', 'ⅶ', 'ⅷ', 'ⅷ', 'ⅷ', 'ⅸ', 'ⅺ', 'ⅻ', 'ⅻ', '⒤', 'ⓘ', '㏌', '㏕', 'fi', 'ffi', 'i', '𝐢', '𝑖', '𝒊', '𝒾', '𝓲', '𝔦', '𝕚', '𝖎', '𝗂', '𝗶', '𝘪', '𝙞', '𝚒'] 149 | (j) 106 ['ij', 'Lj', 'lj', 'Nj', 'nj', 'ʲ', 'ⅉ', '⒥', 'ⓙ', 'ⱼ', 'j', '𝐣', '𝑗', '𝒋', '𝒿', '𝓳', '𝔧', '𝕛', '𝖏', '𝗃', '𝗷', '𝘫', '𝙟', '𝚓'] 150 | (L) 76 ['Ŀ', 'LJ', 'Lj', 'ᴸ', 'ℒ', '℡', 'Ⅼ', 'Ⓛ', '㋏', 'L', '𝐋', '𝐿', '𝑳', '𝓛', '𝔏', '𝕃', '𝕷', '𝖫', '𝗟', '𝘓', '𝙇', '𝙻', '🄛', '🄻'] 151 | (l) 108 ['ŀ', 'lj', 'ˡ', 'ₗ', 'ℓ', 'ⅼ', '⒧', 'ⓛ', '㎈', '㎉', '㎕', '㎖', '㎗', '㎘', '㏐', '㏑', '㏒', '㏓', '㏕', '㏖', '㏿', 'fl', 'ffl', 'l', '𝐥', '𝑙', '𝒍', '𝓁', '𝓵', '𝔩', '𝕝', '𝖑', '𝗅', '𝗹', '𝘭', '𝙡', '𝚕'] 152 | (n) 110 ['ʼn', 'nj', 'ⁿ', 'ₙ', '⒩', 'ⓝ', '㎁', '㎋', '㎚', '㎱', '㎵', '㎻', '㏌', '㏑', 'n', '𝐧', '𝑛', '𝒏', '𝓃', '𝓷', '𝔫', '𝕟', '𝖓', '𝗇', '𝗻', '𝘯', '𝙣', '𝚗'] 153 | (s) 115 ['ſ', 'ˢ', 'ₛ', '₨', '℁', '⒮', 'ⓢ', '㎧', '㎨', '㎮', '㎯', '㎰', '㎱', '㎲', '㎳', '㏛', 'ſt', 'st', 's', '𝐬', '𝑠', '𝒔', '𝓈', '𝓼', '𝔰', '𝕤', '𝖘', '𝗌', '𝘀', '𝘴', '𝙨', '𝚜'] 154 | (D) 68 ['DŽ', 'Dž', 'DZ', 'Dz', 'ᴰ', 'ⅅ', 'Ⅾ', 'Ⓓ', '㋏', 'D', '𝐃', '𝐷', '𝑫', '𝒟', '𝓓', '𝔇', '𝔻', '𝕯', '𝖣', '𝗗', '𝘋', '𝘿', '𝙳', '🄓', '🄭', '🄳', '🅌', '🅫', '🆐'] 155 | (d) 100 ['dž', 'dz', 'ᵈ', 'ⅆ', 'ⅾ', '⒟', 'ⓓ', '㍲', '㍷', '㍸', '㍹', '㎗', '㎭', '㎮', '㎯', '㏅', '㏈', 'd', '𝐝', '𝑑', '𝒅', '𝒹', '𝓭', '𝔡', '𝕕', '𝖉', '𝖽', '𝗱', '𝘥', '𝙙', '𝚍'] 156 | (N) 78 ['NJ', 'Nj', 'ᴺ', 'ℕ', '№', 'Ⓝ', 'N', '𝐍', '𝑁', '𝑵', '𝒩', '𝓝', '𝔑', '𝕹', '𝖭', '𝗡', '𝘕', '𝙉', '𝙽', '🄝', '🄽'] 157 | (Z) 90 ['DZ', 'ℤ', 'ℨ', 'Ⓩ', 'Z', '𝐙', '𝑍', '𝒁', '𝒵', '𝓩', '𝖅', '𝖹', '𝗭', '𝘡', '𝙕', '𝚉', '🄩', '🄮', '🅉'] 158 | (z) 122 ['Dz', 'dz', 'ᶻ', '⒵', 'ⓩ', '㎐', '㎑', '㎒', '㎓', '㎔', 'z', '𝐳', '𝑧', '𝒛', '𝓏', '𝔃', '𝔷', '𝕫', '𝖟', '𝗓', '𝘇', '𝘻', '𝙯', '𝚣'] 159 | (h) 104 ['ʰ', 'ₕ', 'ℎ', '⒣', 'ⓗ', '㍱', '㏊', 'h', '𝐡', '𝒉', '𝒽', '𝓱', '𝔥', '𝕙', '𝖍', '𝗁', '𝗵', '𝘩', '𝙝', '𝚑'] 160 | (r) 114 ['ʳ', 'ᵣ', '⒭', 'ⓡ', '㋍', '㍴', '㎭', '㎮', '㎯', '㏛', 'r', '𝐫', '𝑟', '𝒓', '𝓇', '𝓻', '𝔯', '𝕣', '𝖗', '𝗋', '𝗿', '𝘳', '𝙧', '𝚛'] 161 | (w) 119 ['ʷ', '⒲', 'ⓦ', 'w', '𝐰', '𝑤', '𝒘', '𝓌', '𝔀', '𝔴', '𝕨', '𝖜', '𝗐', '𝘄', '𝘸', '𝙬', '𝚠'] 162 | (y) 121 ['ʸ', '⒴', 'ⓨ', '㏉', 'y', '𝐲', '𝑦', '𝒚', '𝓎', '𝔂', '𝔶', '𝕪', '𝖞', '𝗒', '𝘆', '𝘺', '𝙮', '𝚢'] 163 | (x) 120 ['ˣ', 'ₓ', 'ⅸ', 'ⅹ', 'ⅺ', 'ⅻ', '⒳', 'ⓧ', '㏓', 'x', '𝐱', '𝑥', '𝒙', '𝓍', '𝔁', '𝔵', '𝕩', '𝖝', '𝗑', '𝘅', '𝘹', '𝙭', '𝚡'] 164 | (;) 59 [';', '︔', '﹔', ';'] 165 | (A) 65 ['ᴬ', '℻', 'Ⓐ', '㍳', '㎀', '㎁', '㎂', '㎃', '㎄', '㏟', 'A', '𝐀', '𝐴', '𝑨', '𝒜', '𝓐', '𝔄', '𝔸', '𝕬', '𝖠', '𝗔', '𝘈', '𝘼', '𝙰', '🄐', '🄰'] 166 | (B) 66 ['ᴮ', 'ℬ', 'Ⓑ', '㎅', '㎆', '㎇', '㏃', '㏈', 'B', '𝐁', '𝐵', '𝑩', '𝓑', '𝔅', '𝔹', '𝕭', '𝖡', '𝗕', '𝘉', '𝘽', '𝙱', '🄑', '🄱'] 167 | (E) 69 ['ᴱ', '℡', 'ℰ', 'Ⓔ', '㉐', 'E', '𝐄', '𝐸', '𝑬', '𝓔', '𝔈', '𝔼', '𝕰', '𝖤', '𝗘', '𝘌', '𝙀', '𝙴', '🄔', '🄴'] 168 | (G) 71 ['ᴳ', 'Ⓖ', '㎇', '㎓', '㎬', '㏉', 'G', '𝐆', '𝐺', '𝑮', '𝒢', '𝓖', '𝔊', '𝔾', '𝕲', '𝖦', '𝗚', '𝘎', '𝙂', '𝙶', '🄖', '🄶'] 169 | (H) 72 ['ᴴ', 'ℋ', 'ℌ', 'ℍ', 'Ⓗ', '㋌', '㎐', '㎑', '㎒', '㎓', '㎔', '㏋', '㏗', 'H', '𝐇', '𝐻', '𝑯', '𝓗', '𝕳', '𝖧', '𝗛', '𝘏', '𝙃', '𝙷', '🄗', '🄷', '🅊'] 170 | (K) 75 ['ᴷ', 'K', 'Ⓚ', '㎅', '㏍', '㏍', '㏎', 'K', '𝐊', '𝐾', '𝑲', '𝒦', '𝓚', '𝔎', '𝕂', '𝕶', '𝖪', '𝗞', '𝘒', '𝙆', '𝙺', '🄚', '🄺'] 171 | (M) 77 ['ᴹ', '℠', '™', 'ℳ', 'Ⅿ', 'Ⓜ', '㎆', '㎒', '㎫', '㎹', '㎿', '㏁', '㏎', '㏙', 'M', '𝐌', '𝑀', '𝑴', '𝓜', '𝔐', '𝕄', '𝕸', '𝖬', '𝗠', '𝘔', '𝙈', '𝙼', '🄜', '🄼', '🅋', '🅪', '🅫', '🅬'] 172 | (O) 79 ['ᴼ', 'Ⓞ', 'O', '𝐎', '𝑂', '𝑶', '𝒪', '𝓞', '𝔒', '𝕆', '𝕺', '𝖮', '𝗢', '𝘖', '𝙊', '𝙾', '🄞', '🄾'] 173 | (P) 80 ['ᴾ', 'ℙ', 'Ⓟ', '㉐', '㍱', '㎩', '㎪', '㎫', '㎬', '㏋', '㏗', '㏙', '㏙', '㏚', 'P', '𝐏', '𝑃', '𝑷', '𝒫', '𝓟', '𝔓', '𝕻', '𝖯', '𝗣', '𝘗', '𝙋', '𝙿', '🄟', '🄿', '🅎', '🅎'] 174 | (R) 82 ['ᴿ', '₨', 'ℛ', 'ℜ', 'ℝ', 'Ⓡ', '㏚', 'R', '𝐑', '𝑅', '𝑹', '𝓡', '𝕽', '𝖱', '𝗥', '𝘙', '𝙍', '𝚁', '🄡', '🄬', '🅁', '🅬'] 175 | (T) 84 ['ᵀ', '℡', '™', 'Ⓣ', '㉐', '㋏', '㎔', 'T', '𝐓', '𝑇', '𝑻', '𝒯', '𝓣', '𝔗', '𝕋', '𝕿', '𝖳', '𝗧', '𝘛', '𝙏', '𝚃', '🄣', '🅃'] 176 | (U) 85 ['ᵁ', 'Ⓤ', '㍳', '㍺', 'U', '𝐔', '𝑈', '𝑼', '𝒰', '𝓤', '𝔘', '𝕌', '𝖀', '𝖴', '𝗨', '𝘜', '𝙐', '𝚄', '🄤', '🅄'] 177 | (W) 87 ['ᵂ', 'Ⓦ', '㎺', '㎻', '㎼', '㎽', '㎾', '㎿', '㏝', 'W', '𝐖', '𝑊', '𝑾', '𝒲', '𝓦', '𝔚', '𝕎', '𝖂', '𝖶', '𝗪', '𝘞', '𝙒', '𝚆', '🄦', '🄮', '🅆', '🅏'] 178 | (b) 98 ['ᵇ', '⒝', 'ⓑ', '㍴', '㏔', '㏝', 'b', '𝐛', '𝑏', '𝒃', '𝒷', '𝓫', '𝔟', '𝕓', '𝖇', '𝖻', '𝗯', '𝘣', '𝙗', '𝚋'] 179 | (e) 101 ['ᵉ', 'ₑ', 'ℯ', 'ⅇ', '⒠', 'ⓔ', '㋍', '㋎', 'e', '𝐞', '𝑒', '𝒆', '𝓮', '𝔢', '𝕖', '𝖊', '𝖾', '𝗲', '𝘦', '𝙚', '𝚎'] 180 | (g) 103 ['ᵍ', 'ℊ', '⒢', 'ⓖ', '㋌', '㋍', '㎍', '㎎', '㎏', '㏆', '㏒', '㏿', 'g', '𝐠', '𝑔', '𝒈', '𝓰', '𝔤', '𝕘', '𝖌', '𝗀', '𝗴', '𝘨', '𝙜', '𝚐'] 181 | (k) 107 ['ᵏ', 'ₖ', '⒦', 'ⓚ', '㎄', '㎉', '㎏', '㎑', '㎘', '㎞', '㎢', '㎦', '㎪', '㎸', '㎾', '㏀', '㏆', '㏏', 'k', '𝐤', '𝑘', '𝒌', '𝓀', '𝓴', '𝔨', '𝕜', '𝖐', '𝗄', '𝗸', '𝘬', '𝙠', '𝚔'] 182 | (m) 109 ['ᵐ', 'ₘ', 'ⅿ', '⒨', 'ⓜ', '㍷', '㍸', '㍹', '㎃', '㎎', '㎖', '㎙', '㎚', '㎛', '㎜', '㎜', '㎝', '㎞', '㎟', '㎟', '㎠', '㎡', '㎢', '㎣', '㎣', '㎤', '㎥', '㎦', '㎧', '㎨', '㎳', '㎷', '㎽', '㏂', '㏐', '㏔', '㏕', '㏖', '㏘', '㏞', '㏟', 'm', '𝐦', '𝑚', '𝒎', '𝓂', '𝓶', '𝔪', '𝕞', '𝖒', '𝗆', '𝗺', '𝘮', '𝙢', '𝚖'] 183 | (p) 112 ['ᵖ', 'ₚ', '⒫', 'ⓟ', '㍶', '㎀', '㎊', '㎰', '㎴', '㎺', '㏘', 'p', '𝐩', '𝑝', '𝒑', '𝓅', '𝓹', '𝔭', '𝕡', '𝖕', '𝗉', '𝗽', '𝘱', '𝙥', '𝚙'] 184 | (t) 116 ['ᵗ', 'ₜ', '⒯', 'ⓣ', '㏏', 'ſt', 'st', 't', '𝐭', '𝑡', '𝒕', '𝓉', '𝓽', '𝔱', '𝕥', '𝖙', '𝗍', '𝘁', '𝘵', '𝙩', '𝚝'] 185 | (u) 117 ['ᵘ', 'ᵤ', '℆', '⒰', 'ⓤ', 'u', '𝐮', '𝑢', '𝒖', '𝓊', '𝓾', '𝔲', '𝕦', '𝖚', '𝗎', '𝘂', '𝘶', '𝙪', '𝚞'] 186 | (v) 118 ['ᵛ', 'ᵥ', 'ⅳ', 'ⅴ', 'ⅵ', 'ⅶ', 'ⅷ', '⒱', 'ⓥ', '㏜', 'v', '𝐯', '𝑣', '𝒗', '𝓋', '𝓿', '𝔳', '𝕧', '𝖛', '𝗏', '𝘃', '𝘷', '𝙫', '𝚟'] 187 | (c) 99 ['ᶜ', '℀', '℅', '℆', 'ⅽ', '⒞', 'ⓒ', '㍶', '㎈', '㎉', '㎝', '㎠', '㎤', '㏄', '㏄', '㏅', 'c', '𝐜', '𝑐', '𝒄', '𝒸', '𝓬', '𝔠', '𝕔', '𝖈', '𝖼', '𝗰', '𝘤', '𝙘', '𝚌'] 188 | (f) 102 ['ᶠ', '⒡', 'ⓕ', '㎙', 'ff', 'ff', 'fi', 'fl', 'ffi', 'ffi', 'ffl', 'ffl', 'f', '𝐟', '𝑓', '𝒇', '𝒻', '𝓯', '𝔣', '𝕗', '𝖋', '𝖿', '𝗳', '𝘧', '𝙛', '𝚏'] 189 | (`) 96 ['`', '`'] 190 | (.) 46 ['․', '‥', '‥', '…', '…', '…', '⒈', '⒉', '⒊', '⒋', '⒌', '⒍', '⒎', '⒏', '⒐', '⒑', '⒒', '⒓', '⒔', '⒕', '⒖', '⒗', '⒘', '⒙', '⒚', '⒛', '㏂', '㏂', '㏇', '㏘', '㏘', '︙', '︙', '︙', '︰', '︰', '﹒', '.', '🄀'] 191 | (!) 33 ['‼', '‼', '⁈', '⁉', '︕', '﹗', '!'] 192 | (?) 63 ['⁇', '⁇', '⁈', '⁉', '︖', '﹖', '?'] 193 | (0) 48 ['⁰', '₀', '⅒', '↉', '⑩', '⑳', '⑽', '⒇', '⒑', '⒛', '⓪', '㉚', '㊵', '㊿', '㋉', '㍘', '㍢', '㍬', '㏩', '㏳', '㏽', '0', '𝟎', '𝟘', '𝟢', '𝟬', '𝟶', '🄀', '🄁'] 194 | (5) 53 ['⁵', '₅', '⅕', '⅖', '⅗', '⅘', '⅚', '⅝', '⑤', '⑮', '⑸', '⒂', '⒌', '⒖', '㉕', '㉟', '㊺', '㊿', '㋄', '㍝', '㍧', '㏤', '㏮', '㏸', '5', '𝟓', '𝟝', '𝟧', '𝟱', '𝟻', '🄆'] 195 | (6) 54 ['⁶', '₆', '⅙', '⅚', '⑥', '⑯', '⑹', '⒃', '⒍', '⒗', '㉖', '㊱', '㊻', '㋅', '㍞', '㍨', '㏥', '㏯', '㏹', '6', '𝟔', '𝟞', '𝟨', '𝟲', '𝟼', '🄇'] 196 | (7) 55 ['⁷', '₇', '⅐', '⅞', '⑦', '⑰', '⑺', '⒄', '⒎', '⒘', '㉗', '㊲', '㊼', '㋆', '㍟', '㍩', '㏦', '㏰', '㏺', '7', '𝟕', '𝟟', '𝟩', '𝟳', '𝟽', '🄈'] 197 | (8) 56 ['⁸', '₈', '⅛', '⅜', '⅝', '⅞', '⑧', '⑱', '⑻', '⒅', '⒏', '⒙', '㉘', '㊳', '㊽', '㋇', '㍠', '㍪', '㏧', '㏱', '㏻', '8', '𝟖', '𝟠', '𝟪', '𝟴', '𝟾', '🄉'] 198 | (9) 57 ['⁹', '₉', '⅑', '⑨', '⑲', '⑼', '⒆', '⒐', '⒚', '㉙', '㊴', '㊾', '㋈', '㍡', '㍫', '㏨', '㏲', '㏼', '9', '𝟗', '𝟡', '𝟫', '𝟵', '𝟿', '🄊'] 199 | (+) 43 ['⁺', '₊', '﬩', '﹢', '+'] 200 | (=) 61 ['⁼', '₌', '⩴', '⩵', '⩵', '⩶', '⩶', '⩶', '﹦', '='] 201 | (() 40 ['⁽', '₍', '⑴', '⑵', '⑶', '⑷', '⑸', '⑹', '⑺', '⑻', '⑼', '⑽', '⑾', '⑿', '⒀', '⒁', '⒂', '⒃', '⒄', '⒅', '⒆', '⒇', '⒜', '⒝', '⒞', '⒟', '⒠', '⒡', '⒢', '⒣', '⒤', '⒥', '⒦', '⒧', '⒨', '⒩', '⒪', '⒫', '⒬', '⒭', '⒮', '⒯', '⒰', '⒱', '⒲', '⒳', '⒴', '⒵', '㈀', '㈁', '㈂', '㈃', '㈄', '㈅', '㈆', '㈇', '㈈', '㈉', '㈊', '㈋', '㈌', '㈍', '㈎', '㈏', '㈐', '㈑', '㈒', '㈓', '㈔', '㈕', '㈖', '㈗', '㈘', '㈙', '㈚', '㈛', '㈜', '㈝', '㈞', '㈠', '㈡', '㈢', '㈣', '㈤', '㈥', '㈦', '㈧', '㈨', '㈩', '㈪', '㈫', '㈬', '㈭', '㈮', '㈯', '㈰', '㈱', '㈲', '㈳', '㈴', '㈵', '㈶', '㈷', '㈸', '㈹', '㈺', '㈻', '㈼', '㈽', '㈾', '㈿', '㉀', '㉁', '㉂', '㉃', '︵', '﹙', '(', '🄐', '🄑', '🄒', '🄓', '🄔', '🄕', '🄖', '🄗', '🄘', '🄙', '🄚', '🄛', '🄜', '🄝', '🄞', '🄟', '🄠', '🄡', '🄢', '🄣', '🄤', '🄥', '🄦', '🄧', '🄨', '🄩'] 202 | ()) 41 ['⁾', '₎', '⑴', '⑵', '⑶', '⑷', '⑸', '⑹', '⑺', '⑻', '⑼', '⑽', '⑾', '⑿', '⒀', '⒁', '⒂', '⒃', '⒄', '⒅', '⒆', '⒇', '⒜', '⒝', '⒞', '⒟', '⒠', '⒡', '⒢', '⒣', '⒤', '⒥', '⒦', '⒧', '⒨', '⒩', '⒪', '⒫', '⒬', '⒭', '⒮', '⒯', '⒰', '⒱', '⒲', '⒳', '⒴', '⒵', '㈀', '㈁', '㈂', '㈃', '㈄', '㈅', '㈆', '㈇', '㈈', '㈉', '㈊', '㈋', '㈌', '㈍', '㈎', '㈏', '㈐', '㈑', '㈒', '㈓', '㈔', '㈕', '㈖', '㈗', '㈘', '㈙', '㈚', '㈛', '㈜', '㈝', '㈞', '㈠', '㈡', '㈢', '㈣', '㈤', '㈥', '㈦', '㈧', '㈨', '㈩', '㈪', '㈫', '㈬', '㈭', '㈮', '㈯', '㈰', '㈱', '㈲', '㈳', '㈴', '㈵', '㈶', '㈷', '㈸', '㈹', '㈺', '㈻', '㈼', '㈽', '㈾', '㈿', '㉀', '㉁', '㉂', '㉃', '︶', '﹚', ')', '🄐', '🄑', '🄒', '🄓', '🄔', '🄕', '🄖', '🄗', '🄘', '🄙', '🄚', '🄛', '🄜', '🄝', '🄞', '🄟', '🄠', '🄡', '🄢', '🄣', '🄤', '🄥', '🄦', '🄧', '🄨', '🄩'] 203 | (/) 47 ['℀', '℁', '℅', '℆', '/'] 204 | (C) 67 ['ℂ', '℃', 'ℭ', 'Ⅽ', 'Ⓒ', '㏆', '㏇', 'C', '𝐂', '𝐶', '𝑪', '𝒞', '𝓒', '𝕮', '𝖢', '𝗖', '𝘊', '𝘾', '𝙲', '🄒', '🄫', '🄭', '🄲', '🅏', '🅪'] 205 | (F) 70 ['℉', 'ℱ', '℻', 'Ⓕ', '㎊', '㎋', '㎌', 'F', '𝐅', '𝐹', '𝑭', '𝓕', '𝔉', '𝔽', '𝕱', '𝖥', '𝗙', '𝘍', '𝙁', '𝙵', '🄕', '🄵'] 206 | (Q) 81 ['ℚ', 'Ⓠ', 'Q', '𝐐', '𝑄', '𝑸', '𝒬', '𝓠', '𝔔', '𝕼', '𝖰', '𝗤', '𝘘', '𝙌', '𝚀', '🄠', '🅀'] 207 | (S) 83 ['℠', 'Ⓢ', '㏜', 'S', '𝐒', '𝑆', '𝑺', '𝒮', '𝓢', '𝔖', '𝕊', '𝕾', '𝖲', '𝗦', '𝘚', '𝙎', '𝚂', '🄢', '🄪', '🅂', '🅌', '🅍', '🅍'] 208 | (X) 88 ['℻', 'Ⅸ', 'Ⅹ', 'Ⅺ', 'Ⅻ', 'Ⓧ', 'X', '𝐗', '𝑋', '𝑿', '𝒳', '𝓧', '𝔛', '𝕏', '𝖃', '𝖷', '𝗫', '𝘟', '𝙓', '𝚇', '🄧', '🅇'] 209 | (V) 86 ['Ⅳ', 'Ⅴ', 'Ⅵ', 'Ⅶ', 'Ⅷ', 'Ⓥ', 'ⱽ', '㋎', '㍵', '㎴', '㎵', '㎶', '㎷', '㎸', '㎹', '㏞', 'V', '𝐕', '𝑉', '𝑽', '𝒱', '𝓥', '𝔙', '𝕍', '𝖁', '𝖵', '𝗩', '𝘝', '𝙑', '𝚅', '🄥', '🅅', '🅊', '🅋', '🅎'] 210 | (q) 113 ['⒬', 'ⓠ', '㏃', 'q', '𝐪', '𝑞', '𝒒', '𝓆', '𝓺', '𝔮', '𝕢', '𝖖', '𝗊', '𝗾', '𝘲', '𝙦', '𝚚'] 211 | (Y) 89 ['Ⓨ', 'Y', '𝐘', '𝑌', '𝒀', '𝒴', '𝓨', '𝔜', '𝕐', '𝖄', '𝖸', '𝗬', '𝘠', '𝙔', '𝚈', '🄨', '🅈'] 212 | (:) 58 ['⩴', '⩴', '︓', '﹕', ':'] 213 | (,) 44 ['︐', '﹐', ',', '🄁', '🄂', '🄃', '🄄', '🄅', '🄆', '🄇', '🄈', '🄉', '🄊'] 214 | (_) 95 ['︳', '︴', '﹍', '﹎', '﹏', '_'] 215 | ({) 123 ['︷', '﹛', '{'] 216 | (}) 125 ['︸', '﹜', '}'] 217 | ([) 91 ['﹇', '['] 218 | (]) 93 ['﹈', ']'] 219 | (#) 35 ['﹟', '#'] 220 | (&) 38 ['﹠', '&'] 221 | (*) 42 ['﹡', '*'] 222 | (-) 45 ['﹣', '-'] 223 | (<) 60 ['﹤', '<'] 224 | (>) 62 ['﹥', '>'] 225 | (\) 92 ['﹨', '\'] 226 | ($) 36 ['﹩', '$'] 227 | (%) 37 ['﹪', '%'] 228 | (@) 64 ['﹫', '@'] 229 | (") 34 ['"'] 230 | (') 39 ['''] 231 | (^) 94 ['^'] 232 | (|) 124 ['|'] 233 | (~) 126 ['~'] 234 | 235 | ``` 236 | 237 | ## convert a normal string to homograph string(NFKC mode) 238 | 239 | - case 1 240 | ```python 241 | print(gen_unicode_str("import")) 242 | ``` 243 | 244 | output: 245 | ```txt 246 | 𝗂ₘ𝗉𝗈ʳ𝗍 247 | ``` 248 | - case 2 249 | 250 | use in python `eval` 251 | ```python 252 | # N-CTF 2019 python_jail 253 | # should run many times to find valid payload 254 | code = f"__{gen_unicode_str('import')}__('os').{gen_unicode_str('system')}('whoami')" 255 | eval(code) 256 | 257 | ``` 258 | output: 259 | ```txt 260 | h13t0ry 261 | ``` 262 | 263 | ## generate tiny XSS domain 264 | ```python 265 | gen_funny_domain() 266 | ``` 267 | 268 | output: 269 | ```txt 270 | real_domain XSS_payload length 271 | ij.au ij.㍳ 3 272 | ij.bar IJ.㍴ 3 273 | ij.cal ij.㎈ 3 274 | ij.cc IJ.㏄ 3 275 | ij.cd IJ.🄭 3 276 | ij.cm IJ.㎝ 3 277 | ij.dj ij.🆐 3 278 | ij.dm IJ.㍷ 3 279 | ij.dz IJ.DZ 3 280 | ij.fi ij.fi 3 281 | ij.fm IJ.㎙ 3 282 | ij.gal IJ.㏿ 3 283 | ij.gb IJ.㎇ 3 284 | ij.gy IJ.㏉ 3 285 | ij.in ij.㏌ 3 286 | ij.kg ij.㎏ 3 287 | ij.km IJ.㏎ 3 288 | ij.kw ij.㎾ 3 289 | ij.ltd IJ.㋏ 3 290 | ij.ma IJ.㎃ 3 291 | ij.mc ij.🅪 3 292 | ij.md IJ.🅫 3 293 | ij.mg ij.㎎ 3 294 | ij.mil ij.㏕ 3 295 | ij.ml IJ.㎖ 3 296 | ij.mm IJ.㎜ 3 297 | ij.mr ij.🅬 3 298 | ij.ms IJ.㎳ 3 299 | ij.mv IJ.🅋 3 300 | ... 301 | ``` 302 | 303 | # ref 304 | - https://xz.aliyun.com/t/9271 305 | - https://pockr.org/guest/activity?activity_no=act_017d460d4e5988dad2&speech_no=sp_940aedc9e73b0a79a6 306 | - https://www.tr0y.wang/2020/08/18/IDN/#%E5%88%A9%E7%94%A8%E5%9C%BA%E6%99%AF -------------------------------------------------------------------------------- /data/TLDs.txt: -------------------------------------------------------------------------------- 1 | aaa 2 | aarp 3 | abarth 4 | abb 5 | abbott 6 | abbvie 7 | abc 8 | able 9 | abogado 10 | abudhabi 11 | ac 12 | academy 13 | accenture 14 | accountant 15 | accountants 16 | aco 17 | actor 18 | ad 19 | adac 20 | ads 21 | adult 22 | ae 23 | aeg 24 | aero 25 | aetna 26 | af 27 | afamilycompany 28 | afl 29 | africa 30 | ag 31 | agakhan 32 | agency 33 | ai 34 | aig 35 | airbus 36 | airforce 37 | airtel 38 | akdn 39 | al 40 | alfaromeo 41 | alibaba 42 | alipay 43 | allfinanz 44 | allstate 45 | ally 46 | alsace 47 | alstom 48 | am 49 | amazon 50 | americanexpress 51 | americanfamily 52 | amex 53 | amfam 54 | amica 55 | amsterdam 56 | analytics 57 | android 58 | anquan 59 | anz 60 | ao 61 | aol 62 | apartments 63 | app 64 | apple 65 | aq 66 | aquarelle 67 | ar 68 | arab 69 | aramco 70 | archi 71 | army 72 | arpa 73 | art 74 | arte 75 | as 76 | asda 77 | asia 78 | associates 79 | at 80 | athleta 81 | attorney 82 | au 83 | auction 84 | audi 85 | audible 86 | audio 87 | auspost 88 | author 89 | auto 90 | autos 91 | avianca 92 | aw 93 | aws 94 | ax 95 | axa 96 | az 97 | azure 98 | ba 99 | baby 100 | baidu 101 | banamex 102 | bananarepublic 103 | band 104 | bank 105 | bar 106 | barcelona 107 | barclaycard 108 | barclays 109 | barefoot 110 | bargains 111 | baseball 112 | basketball 113 | bauhaus 114 | bayern 115 | bb 116 | bbc 117 | bbt 118 | bbva 119 | bcg 120 | bcn 121 | bd 122 | be 123 | beats 124 | beauty 125 | beer 126 | bentley 127 | berlin 128 | best 129 | bestbuy 130 | bet 131 | bf 132 | bg 133 | bh 134 | bharti 135 | bi 136 | bible 137 | bid 138 | bike 139 | bing 140 | bingo 141 | bio 142 | biz 143 | bj 144 | black 145 | blackfriday 146 | blockbuster 147 | blog 148 | bloomberg 149 | blue 150 | bm 151 | bms 152 | bmw 153 | bn 154 | bnpparibas 155 | bo 156 | boats 157 | boehringer 158 | bofa 159 | bom 160 | bond 161 | boo 162 | book 163 | booking 164 | bosch 165 | bostik 166 | boston 167 | bot 168 | boutique 169 | box 170 | br 171 | bradesco 172 | bridgestone 173 | broadway 174 | broker 175 | brother 176 | brussels 177 | bs 178 | bt 179 | budapest 180 | bugatti 181 | build 182 | builders 183 | business 184 | buy 185 | buzz 186 | bv 187 | bw 188 | by 189 | bz 190 | bzh 191 | ca 192 | cab 193 | cafe 194 | cal 195 | call 196 | calvinklein 197 | cam 198 | camera 199 | camp 200 | cancerresearch 201 | canon 202 | capetown 203 | capital 204 | capitalone 205 | car 206 | caravan 207 | cards 208 | care 209 | career 210 | careers 211 | cars 212 | casa 213 | case 214 | cash 215 | casino 216 | cat 217 | catering 218 | catholic 219 | cba 220 | cbn 221 | cbre 222 | cbs 223 | cc 224 | cd 225 | center 226 | ceo 227 | cern 228 | cf 229 | cfa 230 | cfd 231 | cg 232 | ch 233 | chanel 234 | channel 235 | charity 236 | chase 237 | chat 238 | cheap 239 | chintai 240 | christmas 241 | chrome 242 | church 243 | ci 244 | cipriani 245 | circle 246 | cisco 247 | citadel 248 | citi 249 | citic 250 | city 251 | cityeats 252 | ck 253 | cl 254 | claims 255 | cleaning 256 | click 257 | clinic 258 | clinique 259 | clothing 260 | cloud 261 | club 262 | clubmed 263 | cm 264 | cn 265 | co 266 | coach 267 | codes 268 | coffee 269 | college 270 | cologne 271 | com 272 | comcast 273 | commbank 274 | community 275 | company 276 | compare 277 | computer 278 | comsec 279 | condos 280 | construction 281 | consulting 282 | contact 283 | contractors 284 | cooking 285 | cookingchannel 286 | cool 287 | coop 288 | corsica 289 | country 290 | coupon 291 | coupons 292 | courses 293 | cpa 294 | cr 295 | credit 296 | creditcard 297 | creditunion 298 | cricket 299 | crown 300 | crs 301 | cruise 302 | cruises 303 | csc 304 | cu 305 | cuisinella 306 | cv 307 | cw 308 | cx 309 | cy 310 | cymru 311 | cyou 312 | cz 313 | dabur 314 | dad 315 | dance 316 | data 317 | date 318 | dating 319 | datsun 320 | day 321 | dclk 322 | dds 323 | de 324 | deal 325 | dealer 326 | deals 327 | degree 328 | delivery 329 | dell 330 | deloitte 331 | delta 332 | democrat 333 | dental 334 | dentist 335 | desi 336 | design 337 | dev 338 | dhl 339 | diamonds 340 | diet 341 | digital 342 | direct 343 | directory 344 | discount 345 | discover 346 | dish 347 | diy 348 | dj 349 | dk 350 | dm 351 | dnp 352 | do 353 | docs 354 | doctor 355 | dog 356 | domains 357 | dot 358 | download 359 | drive 360 | dtv 361 | dubai 362 | duck 363 | dunlop 364 | dupont 365 | durban 366 | dvag 367 | dvr 368 | dz 369 | earth 370 | eat 371 | ec 372 | eco 373 | edeka 374 | edu 375 | education 376 | ee 377 | eg 378 | email 379 | emerck 380 | energy 381 | engineer 382 | engineering 383 | enterprises 384 | epson 385 | equipment 386 | er 387 | ericsson 388 | erni 389 | es 390 | esq 391 | estate 392 | et 393 | etisalat 394 | eu 395 | eurovision 396 | eus 397 | events 398 | exchange 399 | expert 400 | exposed 401 | express 402 | extraspace 403 | fage 404 | fail 405 | fairwinds 406 | faith 407 | family 408 | fan 409 | fans 410 | farm 411 | farmers 412 | fashion 413 | fast 414 | fedex 415 | feedback 416 | ferrari 417 | ferrero 418 | fi 419 | fiat 420 | fidelity 421 | fido 422 | film 423 | final 424 | finance 425 | financial 426 | fire 427 | firestone 428 | firmdale 429 | fish 430 | fishing 431 | fit 432 | fitness 433 | fj 434 | fk 435 | flickr 436 | flights 437 | flir 438 | florist 439 | flowers 440 | fly 441 | fm 442 | fo 443 | foo 444 | food 445 | foodnetwork 446 | football 447 | ford 448 | forex 449 | forsale 450 | forum 451 | foundation 452 | fox 453 | fr 454 | free 455 | fresenius 456 | frl 457 | frogans 458 | frontdoor 459 | frontier 460 | ftr 461 | fujitsu 462 | fun 463 | fund 464 | furniture 465 | futbol 466 | fyi 467 | ga 468 | gal 469 | gallery 470 | gallo 471 | gallup 472 | game 473 | games 474 | gap 475 | garden 476 | gay 477 | gb 478 | gbiz 479 | gd 480 | gdn 481 | ge 482 | gea 483 | gent 484 | genting 485 | george 486 | gf 487 | gg 488 | ggee 489 | gh 490 | gi 491 | gift 492 | gifts 493 | gives 494 | giving 495 | gl 496 | glade 497 | glass 498 | gle 499 | global 500 | globo 501 | gm 502 | gmail 503 | gmbh 504 | gmo 505 | gmx 506 | gn 507 | godaddy 508 | gold 509 | goldpoint 510 | golf 511 | goo 512 | goodyear 513 | goog 514 | google 515 | gop 516 | got 517 | gov 518 | gp 519 | gq 520 | gr 521 | grainger 522 | graphics 523 | gratis 524 | green 525 | gripe 526 | grocery 527 | group 528 | gs 529 | gt 530 | gu 531 | guardian 532 | gucci 533 | guge 534 | guide 535 | guitars 536 | guru 537 | gw 538 | gy 539 | hair 540 | hamburg 541 | hangout 542 | haus 543 | hbo 544 | hdfc 545 | hdfcbank 546 | health 547 | healthcare 548 | help 549 | helsinki 550 | here 551 | hermes 552 | hgtv 553 | hiphop 554 | hisamitsu 555 | hitachi 556 | hiv 557 | hk 558 | hkt 559 | hm 560 | hn 561 | hockey 562 | holdings 563 | holiday 564 | homedepot 565 | homegoods 566 | homes 567 | homesense 568 | honda 569 | horse 570 | hospital 571 | host 572 | hosting 573 | hot 574 | hoteles 575 | hotels 576 | hotmail 577 | house 578 | how 579 | hr 580 | hsbc 581 | ht 582 | hu 583 | hughes 584 | hyatt 585 | hyundai 586 | ibm 587 | icbc 588 | ice 589 | icu 590 | id 591 | ie 592 | ieee 593 | ifm 594 | ikano 595 | il 596 | im 597 | imamat 598 | imdb 599 | immo 600 | immobilien 601 | in 602 | inc 603 | industries 604 | infiniti 605 | info 606 | ing 607 | ink 608 | institute 609 | insurance 610 | insure 611 | int 612 | international 613 | intuit 614 | investments 615 | io 616 | ipiranga 617 | iq 618 | ir 619 | irish 620 | is 621 | ismaili 622 | ist 623 | istanbul 624 | it 625 | itau 626 | itv 627 | jaguar 628 | java 629 | jcb 630 | je 631 | jeep 632 | jetzt 633 | jewelry 634 | jio 635 | jll 636 | jm 637 | jmp 638 | jnj 639 | jo 640 | jobs 641 | joburg 642 | jot 643 | joy 644 | jp 645 | jpmorgan 646 | jprs 647 | juegos 648 | juniper 649 | kaufen 650 | kddi 651 | ke 652 | kerryhotels 653 | kerrylogistics 654 | kerryproperties 655 | kfh 656 | kg 657 | kh 658 | ki 659 | kia 660 | kim 661 | kinder 662 | kindle 663 | kitchen 664 | kiwi 665 | km 666 | kn 667 | koeln 668 | komatsu 669 | kosher 670 | kp 671 | kpmg 672 | kpn 673 | kr 674 | krd 675 | kred 676 | kuokgroup 677 | kw 678 | ky 679 | kyoto 680 | kz 681 | la 682 | lacaixa 683 | lamborghini 684 | lamer 685 | lancaster 686 | lancia 687 | land 688 | landrover 689 | lanxess 690 | lasalle 691 | lat 692 | latino 693 | latrobe 694 | law 695 | lawyer 696 | lb 697 | lc 698 | lds 699 | lease 700 | leclerc 701 | lefrak 702 | legal 703 | lego 704 | lexus 705 | lgbt 706 | li 707 | lidl 708 | life 709 | lifeinsurance 710 | lifestyle 711 | lighting 712 | like 713 | lilly 714 | limited 715 | limo 716 | lincoln 717 | linde 718 | link 719 | lipsy 720 | live 721 | living 722 | lixil 723 | lk 724 | llc 725 | llp 726 | loan 727 | loans 728 | locker 729 | locus 730 | loft 731 | lol 732 | london 733 | lotte 734 | lotto 735 | love 736 | lpl 737 | lplfinancial 738 | lr 739 | ls 740 | lt 741 | ltd 742 | ltda 743 | lu 744 | lundbeck 745 | luxe 746 | luxury 747 | lv 748 | ly 749 | ma 750 | macys 751 | madrid 752 | maif 753 | maison 754 | makeup 755 | man 756 | management 757 | mango 758 | map 759 | market 760 | marketing 761 | markets 762 | marriott 763 | marshalls 764 | maserati 765 | mattel 766 | mba 767 | mc 768 | mckinsey 769 | md 770 | me 771 | med 772 | media 773 | meet 774 | melbourne 775 | meme 776 | memorial 777 | men 778 | menu 779 | merckmsd 780 | mg 781 | mh 782 | miami 783 | microsoft 784 | mil 785 | mini 786 | mint 787 | mit 788 | mitsubishi 789 | mk 790 | ml 791 | mlb 792 | mls 793 | mm 794 | mma 795 | mn 796 | mo 797 | mobi 798 | mobile 799 | moda 800 | moe 801 | moi 802 | mom 803 | monash 804 | money 805 | monster 806 | mormon 807 | mortgage 808 | moscow 809 | moto 810 | motorcycles 811 | mov 812 | movie 813 | mp 814 | mq 815 | mr 816 | ms 817 | msd 818 | mt 819 | mtn 820 | mtr 821 | mu 822 | museum 823 | music 824 | mutual 825 | mv 826 | mw 827 | mx 828 | my 829 | mz 830 | na 831 | nab 832 | nagoya 833 | name 834 | natura 835 | navy 836 | nba 837 | nc 838 | ne 839 | nec 840 | net 841 | netbank 842 | netflix 843 | network 844 | neustar 845 | new 846 | news 847 | next 848 | nextdirect 849 | nexus 850 | nf 851 | nfl 852 | ng 853 | ngo 854 | nhk 855 | ni 856 | nico 857 | nike 858 | nikon 859 | ninja 860 | nissan 861 | nissay 862 | nl 863 | no 864 | nokia 865 | northwesternmutual 866 | norton 867 | now 868 | nowruz 869 | nowtv 870 | np 871 | nr 872 | nra 873 | nrw 874 | ntt 875 | nu 876 | nyc 877 | nz 878 | obi 879 | observer 880 | off 881 | office 882 | okinawa 883 | olayan 884 | olayangroup 885 | oldnavy 886 | ollo 887 | om 888 | omega 889 | one 890 | ong 891 | onl 892 | online 893 | ooo 894 | open 895 | oracle 896 | orange 897 | org 898 | organic 899 | origins 900 | osaka 901 | otsuka 902 | ott 903 | ovh 904 | pa 905 | page 906 | panasonic 907 | paris 908 | pars 909 | partners 910 | parts 911 | party 912 | passagens 913 | pay 914 | pccw 915 | pe 916 | pet 917 | pf 918 | pfizer 919 | pg 920 | ph 921 | pharmacy 922 | phd 923 | philips 924 | phone 925 | photo 926 | photography 927 | photos 928 | physio 929 | pics 930 | pictet 931 | pictures 932 | pid 933 | pin 934 | ping 935 | pink 936 | pioneer 937 | pizza 938 | pk 939 | pl 940 | place 941 | play 942 | playstation 943 | plumbing 944 | plus 945 | pm 946 | pn 947 | pnc 948 | pohl 949 | poker 950 | politie 951 | porn 952 | post 953 | pr 954 | pramerica 955 | praxi 956 | press 957 | prime 958 | pro 959 | prod 960 | productions 961 | prof 962 | progressive 963 | promo 964 | properties 965 | property 966 | protection 967 | pru 968 | prudential 969 | ps 970 | pt 971 | pub 972 | pw 973 | pwc 974 | py 975 | qa 976 | qpon 977 | quebec 978 | quest 979 | racing 980 | radio 981 | raid 982 | re 983 | read 984 | realestate 985 | realtor 986 | realty 987 | recipes 988 | red 989 | redstone 990 | redumbrella 991 | rehab 992 | reise 993 | reisen 994 | reit 995 | reliance 996 | ren 997 | rent 998 | rentals 999 | repair 1000 | report 1001 | republican 1002 | rest 1003 | restaurant 1004 | review 1005 | reviews 1006 | rexroth 1007 | rich 1008 | richardli 1009 | ricoh 1010 | ril 1011 | rio 1012 | rip 1013 | ro 1014 | rocher 1015 | rocks 1016 | rodeo 1017 | rogers 1018 | room 1019 | rs 1020 | rsvp 1021 | ru 1022 | rugby 1023 | ruhr 1024 | run 1025 | rw 1026 | rwe 1027 | ryukyu 1028 | sa 1029 | saarland 1030 | safe 1031 | safety 1032 | sakura 1033 | sale 1034 | salon 1035 | samsclub 1036 | samsung 1037 | sandvik 1038 | sandvikcoromant 1039 | sanofi 1040 | sap 1041 | sarl 1042 | sas 1043 | save 1044 | saxo 1045 | sb 1046 | sbi 1047 | sbs 1048 | sc 1049 | sca 1050 | scb 1051 | schaeffler 1052 | schmidt 1053 | scholarships 1054 | school 1055 | schule 1056 | schwarz 1057 | science 1058 | scjohnson 1059 | scot 1060 | sd 1061 | se 1062 | search 1063 | seat 1064 | secure 1065 | security 1066 | seek 1067 | select 1068 | sener 1069 | services 1070 | ses 1071 | seven 1072 | sew 1073 | sex 1074 | sexy 1075 | sfr 1076 | sg 1077 | sh 1078 | shangrila 1079 | sharp 1080 | shaw 1081 | shell 1082 | shia 1083 | shiksha 1084 | shoes 1085 | shop 1086 | shopping 1087 | shouji 1088 | show 1089 | showtime 1090 | si 1091 | silk 1092 | sina 1093 | singles 1094 | site 1095 | sj 1096 | sk 1097 | ski 1098 | skin 1099 | sky 1100 | skype 1101 | sl 1102 | sling 1103 | sm 1104 | smart 1105 | smile 1106 | sn 1107 | sncf 1108 | so 1109 | soccer 1110 | social 1111 | softbank 1112 | software 1113 | sohu 1114 | solar 1115 | solutions 1116 | song 1117 | sony 1118 | soy 1119 | spa 1120 | space 1121 | sport 1122 | spot 1123 | sr 1124 | srl 1125 | ss 1126 | st 1127 | stada 1128 | staples 1129 | star 1130 | statebank 1131 | statefarm 1132 | stc 1133 | stcgroup 1134 | stockholm 1135 | storage 1136 | store 1137 | stream 1138 | studio 1139 | study 1140 | style 1141 | su 1142 | sucks 1143 | supplies 1144 | supply 1145 | support 1146 | surf 1147 | surgery 1148 | suzuki 1149 | sv 1150 | swatch 1151 | swiss 1152 | sx 1153 | sy 1154 | sydney 1155 | systems 1156 | sz 1157 | tab 1158 | taipei 1159 | talk 1160 | taobao 1161 | target 1162 | tatamotors 1163 | tatar 1164 | tattoo 1165 | tax 1166 | taxi 1167 | tc 1168 | tci 1169 | td 1170 | tdk 1171 | team 1172 | tech 1173 | technology 1174 | tel 1175 | temasek 1176 | tennis 1177 | teva 1178 | tf 1179 | tg 1180 | th 1181 | thd 1182 | theater 1183 | theatre 1184 | tiaa 1185 | tickets 1186 | tienda 1187 | tiffany 1188 | tips 1189 | tires 1190 | tirol 1191 | tj 1192 | tjmaxx 1193 | tjx 1194 | tk 1195 | tkmaxx 1196 | tl 1197 | tm 1198 | tmall 1199 | tn 1200 | to 1201 | today 1202 | tokyo 1203 | tools 1204 | top 1205 | toray 1206 | toshiba 1207 | total 1208 | tours 1209 | town 1210 | toyota 1211 | toys 1212 | tr 1213 | trade 1214 | trading 1215 | training 1216 | travel 1217 | travelchannel 1218 | travelers 1219 | travelersinsurance 1220 | trust 1221 | trv 1222 | tt 1223 | tube 1224 | tui 1225 | tunes 1226 | tushu 1227 | tv 1228 | tvs 1229 | tw 1230 | tz 1231 | ua 1232 | ubank 1233 | ubs 1234 | ug 1235 | uk 1236 | unicom 1237 | university 1238 | uno 1239 | uol 1240 | ups 1241 | us 1242 | uy 1243 | uz 1244 | va 1245 | vacations 1246 | vana 1247 | vanguard 1248 | vc 1249 | ve 1250 | vegas 1251 | ventures 1252 | verisign 1253 | versicherung 1254 | vet 1255 | vg 1256 | vi 1257 | viajes 1258 | video 1259 | vig 1260 | viking 1261 | villas 1262 | vin 1263 | vip 1264 | virgin 1265 | visa 1266 | vision 1267 | viva 1268 | vivo 1269 | vlaanderen 1270 | vn 1271 | vodka 1272 | volkswagen 1273 | volvo 1274 | vote 1275 | voting 1276 | voto 1277 | voyage 1278 | vu 1279 | vuelos 1280 | wales 1281 | walmart 1282 | walter 1283 | wang 1284 | wanggou 1285 | watch 1286 | watches 1287 | weather 1288 | weatherchannel 1289 | webcam 1290 | weber 1291 | website 1292 | wed 1293 | wedding 1294 | weibo 1295 | weir 1296 | wf 1297 | whoswho 1298 | wien 1299 | wiki 1300 | williamhill 1301 | win 1302 | windows 1303 | wine 1304 | winners 1305 | wme 1306 | wolterskluwer 1307 | woodside 1308 | work 1309 | works 1310 | world 1311 | wow 1312 | ws 1313 | wtc 1314 | wtf 1315 | xbox 1316 | xerox 1317 | xfinity 1318 | xihuan 1319 | xin 1320 | कॉम 1321 | セール 1322 | 佛山 1323 | ಭಾರತ 1324 | 慈善 1325 | 集团 1326 | 在线 1327 | 한국 1328 | ଭାରତ 1329 | 点看 1330 | คอม 1331 | ভাৰত 1332 | ভারত 1333 | 八卦 1334 | ישראל 1335 | موقع 1336 | বাংলা 1337 | 公益 1338 | 公司 1339 | 香格里拉 1340 | 网站 1341 | 移动 1342 | 我爱你 1343 | москва 1344 | қаз 1345 | католик 1346 | онлайн 1347 | сайт 1348 | 联通 1349 | срб 1350 | бг 1351 | бел 1352 | קום 1353 | 时尚 1354 | 微博 1355 | 淡马锡 1356 | ファッション 1357 | орг 1358 | नेट 1359 | ストア 1360 | アマゾン 1361 | 삼성 1362 | சிங்கப்பூர் 1363 | 商标 1364 | 商店 1365 | 商城 1366 | дети 1367 | мкд 1368 | ею 1369 | ポイント 1370 | 新闻 1371 | 家電 1372 | كوم 1373 | 中文网 1374 | 中信 1375 | 中国 1376 | 中國 1377 | 娱乐 1378 | 谷歌 1379 | భారత్ 1380 | ලංකා 1381 | 電訊盈科 1382 | 购物 1383 | クラウド 1384 | ભારત 1385 | 通販 1386 | भारतम् 1387 | भारत 1388 | भारोत 1389 | 网店 1390 | संगठन 1391 | 餐厅 1392 | 网络 1393 | ком 1394 | укр 1395 | 香港 1396 | 亚马逊 1397 | 诺基亚 1398 | 食品 1399 | 飞利浦 1400 | 台湾 1401 | 台灣 1402 | 手机 1403 | мон 1404 | الجزائر 1405 | عمان 1406 | ارامكو 1407 | ایران 1408 | العليان 1409 | اتصالات 1410 | امارات 1411 | بازار 1412 | موريتانيا 1413 | پاکستان 1414 | الاردن 1415 | بارت 1416 | بھارت 1417 | المغرب 1418 | ابوظبي 1419 | البحرين 1420 | السعودية 1421 | ڀارت 1422 | كاثوليك 1423 | سودان 1424 | همراه 1425 | عراق 1426 | مليسيا 1427 | 澳門 1428 | 닷컴 1429 | 政府 1430 | شبكة 1431 | بيتك 1432 | عرب 1433 | გე 1434 | 机构 1435 | 组织机构 1436 | 健康 1437 | ไทย 1438 | سورية 1439 | 招聘 1440 | рус 1441 | рф 1442 | تونس 1443 | 大拿 1444 | ລາວ 1445 | みんな 1446 | グーグル 1447 | ευ 1448 | ελ 1449 | 世界 1450 | 書籍 1451 | ഭാരതം 1452 | ਭਾਰਤ 1453 | 网址 1454 | 닷넷 1455 | コム 1456 | 天主教 1457 | 游戏 1458 | vermögensberater 1459 | vermögensberatung 1460 | 企业 1461 | 信息 1462 | 嘉里大酒店 1463 | 嘉里 1464 | مصر 1465 | قطر 1466 | 广东 1467 | இலங்கை 1468 | இந்தியா 1469 | հայ 1470 | 新加坡 1471 | فلسطين 1472 | 政务 1473 | xxx 1474 | xyz 1475 | yachts 1476 | yahoo 1477 | yamaxun 1478 | yandex 1479 | ye 1480 | yodobashi 1481 | yoga 1482 | yokohama 1483 | you 1484 | youtube 1485 | yt 1486 | yun 1487 | za 1488 | zappos 1489 | zara 1490 | zero 1491 | zip 1492 | zm 1493 | zone 1494 | zuerich 1495 | zw 1496 | -------------------------------------------------------------------------------- /script/get_latest_TLDs.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | import requests 3 | import hashlib 4 | import idna 5 | 6 | 7 | def grab_TLDs(): 8 | content = "" 9 | try: 10 | resp = requests.get("https://data.iana.org/TLD/tlds-alpha-by-domain.txt", timeout=10, verify=True) 11 | md5_resp = requests.get("https://data.iana.org/TLD/tlds-alpha-by-domain.txt.md5", timeout=10, verify=True) 12 | content = resp.text 13 | md5_content = md5_resp.text 14 | content_md5 = hashlib.md5(content.encode()).hexdigest() 15 | if content_md5 in md5_content: 16 | print("get TLDs success, md5 match!") 17 | else: 18 | print("get TLDs success, md5 don't match!") 19 | return content 20 | except requests.RequestException as e: 21 | print("request error:" + str(e)) 22 | exit(-1) 23 | 24 | TLDs = content.split("\n") 25 | valid_TLDs = list( 26 | map( 27 | lambda x: idna.decode(x.strip()), 28 | filter( 29 | lambda x: x and not x.startswith("#"), TLDs 30 | ) 31 | ) 32 | ) 33 | 34 | with open("../data/TLDs.txt", "w") as f: 35 | f.writelines([line+'\n' for line in valid_TLDs]) 36 | 37 | 38 | if __name__ == '__main__': 39 | grab_TLDs() 40 | -------------------------------------------------------------------------------- /script/get_latest_unicode.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | import requests 3 | 4 | 5 | def grab_unicode_set(): 6 | content = "" 7 | try: 8 | resp = requests.get("https://www.unicode.org/Public/14.0.0/ucd/UnicodeData.txt", timeout=10, verify=True) 9 | content = resp.text 10 | except requests.RequestException as e: 11 | print("request error:" + str(e)) 12 | exit(-1) 13 | 14 | lines = content.split("\n") 15 | lines = [line for line in lines if line] 16 | unicode_list = map( 17 | lambda x: f"0x{x.split(';')[0]}", lines 18 | ) 19 | 20 | with open("../data/unicodes.txt", "w") as f: 21 | f.writelines([unicode + '\n' for unicode in unicode_list]) 22 | 23 | 24 | if __name__ == '__main__': 25 | grab_unicode_set() 26 | -------------------------------------------------------------------------------- /toy.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | import unicodedata 3 | import re 4 | import random 5 | from itertools import product 6 | from collections import defaultdict 7 | 8 | 9 | def _TLD_list(): 10 | TLDs = [] 11 | with open("data/TLDs.txt", "r") as f: 12 | for line in f.readlines(): 13 | TLDs.append(line.strip()) 14 | return TLDs 15 | 16 | 17 | def _unicode_list(): 18 | unicodes = [] 19 | with open("data/unicodes.txt", "r") as f: 20 | for line in f.readlines(): 21 | unicodes.append(chr(int(line, 16))) 22 | return unicodes 23 | 24 | 25 | def _is_good_domain_name(name: str): 26 | res = re.match("[0-9a-zA-Z_]+$", name) 27 | if res: 28 | return True 29 | 30 | 31 | def _1toN_unicode(): 32 | # dot in webkit is invalid 33 | good = defaultdict(list) 34 | maybe = defaultdict(list) 35 | unis = _unicode_list() 36 | for uni in unis: 37 | nfkc_normal = unicodedata.normalize("NFKC", uni).lower() 38 | if len(nfkc_normal) > 1: 39 | if _is_good_domain_name(nfkc_normal): 40 | good[nfkc_normal].append(uni) 41 | else: 42 | maybe[nfkc_normal].append(uni) 43 | return good, maybe 44 | 45 | 46 | def _gen_ascii_map(strict_mode=True): 47 | ch_map = defaultdict(list) 48 | items = [chr(i) for i in range(0, 128)] # ascii scope 49 | unicodes = _unicode_list() 50 | for uni in unicodes: 51 | normal_ch = unicodedata.normalize('NFKC', uni) 52 | 53 | if strict_mode: 54 | if len(normal_ch) == 1 and (normal_ch in items) and (uni not in items): 55 | ch_map[normal_ch].append(uni) 56 | 57 | else: 58 | if uni in items: 59 | continue 60 | for ch_item in normal_ch: 61 | # for every ch in NFKCed str 62 | if ch_item in items: 63 | ch_map[ch_item].append(uni) 64 | return ch_map 65 | 66 | 67 | def find_funny_TLD(): 68 | funny_TLDs = defaultdict(list) 69 | tlds = _TLD_list() 70 | unis = _unicode_list() 71 | for tld in tlds: 72 | for uni in unis: 73 | nfkc_normal = unicodedata.normalize("NFKC", uni).lower() 74 | if tld == nfkc_normal and len(nfkc_normal) > 1: 75 | funny_TLDs[tld].append(uni) 76 | for k, v in funny_TLDs.items(): 77 | print(f"TLD: {k}===>{v}") 78 | return funny_TLDs 79 | 80 | 81 | def gen_funny_domain(): 82 | good, maybe = _1toN_unicode() 83 | TLDs = find_funny_TLD() 84 | print(f"real_domain \t XSS_payload \t length") 85 | for item in product(good.keys(), TLDs.keys()): 86 | real_domain = f"{item[0]}.{item[1]}" 87 | xss_domain = f"{random.choice(good[item[0]])}.{random.choice(TLDs[item[1]])}" 88 | print(f"{real_domain} \t" 89 | f"{xss_domain} \t" 90 | f"{len(xss_domain)}") 91 | 92 | 93 | def gen_unicode_str(original_str): 94 | ch_map = _gen_ascii_map(strict_mode=True) 95 | 96 | items = [i for i in original_str] 97 | n_items = [] 98 | for c in items: 99 | nc = random.choice(ch_map[c]) 100 | n_items.append(nc) 101 | return "".join(n_items) 102 | 103 | 104 | if __name__ == '__main__': 105 | 106 | # # generate homograph ascii-[unicodes] map 107 | print("chr \t ascii_index \t homograph_list") 108 | for k, v in _gen_ascii_map(strict_mode=False).items(): 109 | print(f"({k}) \t {ord(k)} \t {v}") 110 | 111 | # convert a normal string to homograph string 112 | # print(gen_unicode_str("import")) 113 | 114 | # # N-CTF 2019 python_jail 115 | # # should run many times to find valid payload 116 | # code = f"__{gen_unicode_str('import')}__('os').{gen_unicode_str('system')}('whoami')" 117 | # eval(code) 118 | 119 | # generate funny domains 120 | # gen_funny_domain() 121 | --------------------------------------------------------------------------------