unisec

Unicode Security Toolkit

What is it?

A CLI tool and library to play with Unicode security.

Features

• BiDi spoofing
  • Craft payloads for attack using BiDi code points (e.g. spoofing a domain name or a file name)
• Confusables / homoglyphs
  • List confusables characters for a given character
  • Replace all characters from a string with random confusables
• Hexdump
  • UTF-8, UTF-16, UTF-32 hexadecimal dumps
• Normalization
  • NFC, NFKC, NFD, NFKD normalization forms, HTML escape bypass for XSS
• Properties
  • Get all properties of a given Unicode character
  • List code points matching a Unicode property
  • List all Unicode properties name
• Regexp search
  • Search for Unicode code point names by regular expression
• Size
  • Code point, grapheme, UTF-8/UTF-16/UTF-32 byte/unit size
• Surrogates
  • Code point ↔️ Surrogates conversion
• Versions
  • Version of Unicode, ICU, CLDR, UCD, gems used in Unisec

Installation

$ gem install unisec

Check the installation page on the documentation to discover more methods.

Documentation

Homepage / Documentation: https://acceis.github.io/unisec/

Author

Made by Alexandre ZANNI (@noraj) at ACCEIS.