fangfangfang is a web application that allows you to defang and refang URLs in text.
Many applications convert URLs in documents to clickable links. These links could be malicious, and users may accidentally click on them. The goal of defanging is to prevent these URLs from being clickable but still human-readable. Refanging, on the other hand, involves taking a defanged piece of text and converting it back to the original text.
fangfangfang supports multiple defanging and refanging translation models. Currently, the following models are supported:
| Model | Example Input | Example Defang |
|---|---|---|
| homoglyph | The fangfangfang source code is located at https://github.com/nryang/fangfangfang :) |
The fangfangfang source code is located at һttрƽ://ƍıtһʋƄ.соm/nгɣɑnƍ/ſɑnƍſɑnƍſɑnƍ :) |
All information and code are provided for educational purposes only. The author is not responsible for any direct or consequential damage or loss arising from any person or organization acting or failing to act on the basis of information contained in this repository.
Please refer to the LICENSE.
Build the docker container:
docker-compose build
Start the docker container:
docker-compose up
Open your browser and navigate to:
If everything is working, you should see the following page:
fangfangfang also provides API endpoints for defanging or refanging text. You can access the API documentation in your browser by navigating to:
If the API docs are working, you should see the following page:
To stop the application, press Ctrl+C from your terminal.
This project uses an API-first approach. The API spec is written in OpenAPI 3 and is defined in openapi/openapi.yaml.
openapi-generator takes the OpenAPI spec and auto-generates the controllers, models, and basic integration tests.
To auto-generate the files (requires Java 8+):
cd bin
./codegen.sh
The auto-generated controllers call the implementation controller modules like api_controller_impl.py.
Connexion uses the controllers to serve the REST endpoints. It also serves static files like the Swagger UI documentation.
To run all tests (requires tox):
./test_python3.sh
- uwsgi-nginx-flask-docker for Docker image
- Connexion for serving REST endpoints and Swagger docs
- openapi-generator for code generation
- iocextract for finding indicators of compromise
- homoglyphs for converting to and from homoglyphs
- defang for example test cases
- IOC Fanger for example test cases