DNStwist MCP Server

Overview

DNStwist is a security tool that helps identify potential domain name impersonations by generating and analyzing domain permutations. This MCP server wraps the DNStwist functionality, making it accessible through Claude Desktop and other MCP-compatible applications.

Requirements

Before installing DNStwist MCP, ensure you have:

• Node.js (v18 or later)
• Docker
• macOS, Linux, or Windows with Docker Desktop installed

Installation

Option 1: Installing via Smithery (Recommended)

The easiest way to install DNStwist MCP is through Smithery:

npx -y @smithery/cli install @burtthecoder/mcp-dnstwist --client claude

This command automatically configures DNStwist for Claude Desktop.

Option 2: Manual Installation

1. Install Docker:

   • macOS: Install Docker Desktop
   • Linux: Follow the Docker Engine installation guide
   • Windows: Install Docker Desktop

2. Install the server globally via npm:

   npm install -g mcp-dnstwist
   

3. Add the configuration to your Claude Desktop configuration file:

   • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
   • Windows: %APPDATA%\Claude\claude_desktop_config.json

   Add the following to your configuration:

   {
     "mcpServers": {
       "dnstwist": {
         "command": "mcp-dnstwist"
       }
     }
   }
   

4. Restart Claude Desktop to apply the changes.

Option 3: Running from Source

If you prefer to run from source or need to modify the code:

1. Clone and build the repository:

   git clone https://github.com/BurtTheCoder/mcp-dnstwist.git
   cd mcp-dnstwist
   npm install
   npm run build
   

2. Add to your Claude Desktop configuration:

   {
     "mcpServers": {
       "dnstwist": {
         "command": "node",
         "args": ["/absolute/path/to/mcp-dnstwist/build/index.js"]
       }
     }
   }
   

Usage

Once installed, you can use DNStwist through Claude Desktop by asking Claude to analyze domains for potential security issues. For example:

• "Check for typosquatting domains similar to example.com"
• "Analyze potential phishing domains for microsoft.com"
• "Find domain impersonations of amazon.com and check if they have MX records"

Troubleshooting

Docker Issues

1. Verify Docker is installed and running:

   docker --version
   docker ps
   

2. Check Docker permissions:

   • Ensure your user has permissions to run Docker commands
   • On Linux, add your user to the docker group: sudo usermod -aG docker $USER

Common Issues

1. DNS resolution problems:

   • Verify DNS servers are accessible
   • Try alternative DNS servers (e.g., 8.8.8.8)
   • Check for rate limiting or blocking

2. Performance issues:

   • Adjust thread count based on system capabilities
   • Consider network bandwidth and latency
   • Monitor DNS server response times

3. After fixing any issues:

   • Save the configuration file
   • Restart Claude Desktop

Error Messages

• "Docker is not installed or not running": Install Docker and start the Docker daemon
• "Failed to parse dnstwist output": Check if the domain is valid and the format is correct
• "Error executing dnstwist": Check Docker logs and ensure proper permissions
• "DNS server not responding": Verify DNS server accessibility and try alternative servers

Ethical Usage

This tool is designed for legitimate security research purposes. Please:

• Only analyze domains you own or have permission to test
• Respect rate limits and DNS server policies
• Use responsibly and ethically
• Be aware that some DNS servers may rate-limit or block automated queries
• Consider the impact on DNS infrastructure when running large scans