Punycode_scan.py

# $t@$h
# Script that checks a directory for punycode
# Does NOT modify the system in any way
import os
import re
import tkinter as tk
from tkinter import messagebox, filedialog
import idna

def is_punycode(string):
    return 'xn--' in string

def is_url(string):
    # Regex matches in test but still might need work. Intended to detect any URL format even if punycode
    url_pattern = re.compile(
    r'\b(?:https?://|ftp://|www\d{0,3}[.]|[a-z0-9.\-]+[.][a-z]{2,4})\b', 
    re.IGNORECASE)
    return url_pattern.search(string)

def scan_files_for_punycode(directory):
    findings = []
    for root, dirs, files in os.walk(directory):
        for file in files:
            try:
                file_path = os.path.join(root, file)
                with open(file_path, 'r', encoding='utf-8', errors='ignore') as f:
                    for line in f:
                        if is_punycode(line) and is_url(line):
                            decoded_url = idna.decode(line.strip())
                            findings.append(f"Punycode URL found in {file_path}: {decoded_url}")
            except (IOError, UnicodeDecodeError):
                continue
    return findings

def main():
    root = tk.Tk()
    root.withdraw()

    directory_to_scan = filedialog.askdirectory(title="Select Directory for Punycode Scan")
    if not directory_to_scan:
        messagebox.showinfo("Punycode Scan", "!!!No directory selected. Exiting.")
        return

    findings = scan_files_for_punycode(directory_to_scan)

    if findings:
        messagebox.showinfo("Punycode Scan Report", "!!!Findings:\n".join(findings))
    else:
        messagebox.showinfo("Punycode Scan Report", "No sketchy Punycode detected.")

if __name__ == "__main__":
    main()