How do I use NRD2 newly registered domain lists with opensquat?

Improved results from opensquat, against typosquatting and related types of cyber threats, such as domain squatting, phishing campaigns, IDN homoglyph attacks

Opensquat is an open-source OSINT tool to find and analyze typosquatting domains efficiently. It can use custom lists of newly registered domains as the input for the search, hence, it is possible to use it with the lists of NRD2 data feeds to obtain more complete results.

To create a list suitable as an input to opensquat, a possibility is to use the csvkit package which is, like opensquat itself, written in Python and thus available on many platforms. In BASH, a typical approach would be

 zcat | csvgrep -c reason -m added \
    | csvcut -c domainName \
    | tail --lines +2 > domain_names_nrd2_20220731.txt

where is the file downloaded from the NRD2 data feed. Ultimate is the most complete list, but the recipe works with the files from other subscription types, too. The file domain_names_nrd2_20220731.txt will include the list of newly registered domains for the given day, suitable to use it with opensquat like this:

./ -d domain_names_nrd2_20220731.txt 

which will find typosquatting domains for the file in keywords.txt and leave the result in result.txt. Consult the documentation of opensquat for further options, and this blog for a more detailed explanation with examples.