demisto · anara123 · Nov 6, 2023 · Nov 1, 2023 · Nov 1, 2023 · Nov 1, 2023
diff --git a/Packs/CommonScripts/ReleaseNotes/1_12_40.md b/Packs/CommonScripts/ReleaseNotes/1_12_40.md
@@ -0,0 +1,6 @@
+
+#### Scripts
+
+##### EmailDomainSquattingReputation
+
+- Improved implementation and the performance of the script by using native JavaScript code.
diff --git a/Packs/CommonScripts/Scripts/EmailDomainSquattingReputation/EmailDomainSquattingReputation.js b/Packs/CommonScripts/Scripts/EmailDomainSquattingReputation/EmailDomainSquattingReputation.js
@@ -1,3 +1,37 @@
+function levenshtein(str1, str2) {
+    const len1 = str1.length;
+    const len2 = str2.length;
+
+    // Create a 2D array to store the edit distances
+    const matrix = new Array(len1 + 1);
+    for (let i = 0; i <= len1; i++) {
+      matrix[i] = new Array(len2 + 1);
+    }
+
+    // Initialize the matrix
+    for (let i = 0; i <= len1; i++) {
+      matrix[i][0] = i;
+    }
+
+    for (let j = 0; j <= len2; j++) {
+      matrix[0][j] = j;
+    }
+
+    // Fill in the matrix using dynamic programming
+    for (let i = 1; i <= len1; i++) {
+      for (let j = 1; j <= len2; j++) {
+        const cost = (str1[i - 1] === str2[j - 1]) ? 0 : 1;
+        matrix[i][j] = Math.min(
+          matrix[i - 1][j] + 1,       // Deletion
+          matrix[i][j - 1] + 1,       // Insertion
+          matrix[i - 1][j - 1] + cost // Substitution
+        );
+      }
+    }
+
+    // The final edit distance is in the bottom-right cell of the matrix
+    return matrix[len1][len2];
+}
 
 var email = args.email;
 var domains = argToList(args.domain);
@@ -20,24 +54,16 @@ var emailObj = {
 };
 
 domains.forEach(function(domain){
-  if(domain) {
-      var resp = executeCommand("GetStringsDistance", {inputString: emailObj.Domain, compareString: domain.toLowerCase()});
-
-      if(isError(resp[0])){
-          return resp;
-      }
-
-      data = [dq(resp[0], "Contents.Distances")];
-      data.forEach(function(entry)
-      {
-          emailObj.Distance.push(
-              {
-                  Domain  : dq(entry,"StringB"),
-                  Value   : dq(entry,"LevenshteinDistance")
-              });
-      });
-  }
+    if(domain) {
+        let levenshteinForDomain = levenshtein(emailObj.Domain, domain.toLowerCase());
+        emailObj.Distance.push(
+            {
+                Domain  : domain,
+                Value   : levenshteinForDomain
+            });
+    }
 });
+
 var ec = {};
 var suspicious = dq(emailObj,"Distance(val.Value > 0 && val.Value < {0}).Value".format(threshold));
 var dbotScore = 0;

diff --git a/...s/CommonScripts/Scripts/EmailDomainSquattingReputation/EmailDomainSquattingReputation.yml b/...s/CommonScripts/Scripts/EmailDomainSquattingReputation/EmailDomainSquattingReputation.yml
@@ -7,54 +7,56 @@ type: javascript
 tags:
 - email
 - reputation
-comment: Check if an email address's domain is trying to squat other domain using Levenshtein distance algorithm
+comment: Check if an email address's domain is trying to squat other domain using Levenshtein distance algorithm.
 system: true
 args:
 - name: email
   required: true
   default: true
-  description: The email address to check
+  description: The email address to check.
 - name: domain
   required: true
-  description: The domain list to check against for squatting (comma separated)
+  description: The domain list to check against for squatting (comma separated).
   isArray: true
 - name: threshold
-  description: The similarity threshold
+  description: The similarity threshold.
   defaultValue: "3"
 outputs:
 - contextPath: Account
-  description: 'A user account '
+  description: 'A user account.'
 - contextPath: Account.Email
-  description: The account email object
+  description: The account email object.
 - contextPath: Account.Email.Username
-  description: The account email username
+  description: The account email username.
   type: string
 - contextPath: Account.Email.Address
-  description: The account email address
+  description: The account email address.
   type: string
 - contextPath: Account.Email.Domain
-  description: The account email domain
+  description: The account email domain.
   type: string
 - contextPath: Account.Email.Distance
-  description: The email address distance compare to the domains in query
+  description: The email address distance compare to the domains in query.
   type: number
 - contextPath: Account.Email.Distance.Domain
-  description: The compared domain
+  description: The compared domain.
   type: string
 - contextPath: Account.Email.Distance.Value
-  description: 'The distance between the email domain and the compared domain '
+  description: 'The distance between the email domain and the compared domain.'
   type: number
 - contextPath: DBotScore.Indicator
-  description: The Indicator
+  description: The Indicator.
   type: string
 - contextPath: DBotScore.Type
-  description: The Indicator Type
+  description: The Indicator Type.
   type: string
 - contextPath: DBotScore.Vendor
-  description: The DBot score vendor
+  description: The DBot score vendor.
   type: string
 - contextPath: DBotScore.Score
-  description: The DBot score
+  description: The DBot score.
   type: number
 scripttarget: 0
 fromversion: 5.0.0
+tests:
+- EmailDomainSquattingReputation-Test
diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Common Scripts",
     "description": "Frequently used scripts pack.",
     "support": "xsoar",
-    "currentVersion": "1.12.39",
+    "currentVersion": "1.12.40",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",