Takeover V1

Takeover script extracts CNAME record of all subdomains at once. TakeOver saves researcher time and increase the chance of finding subdomain takeover vulnerability.
Alternatives To Takeover V1
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Scanners Box7,483
a month ago2
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
2 days ago26mitHTML
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
7 months ago5April 15, 20228mitGo
DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
3 months ago5mitShell
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
4 months ago4April 23, 20213gpl-2.0Go
Subdomain takeover vulnerability checker
9 months ago8October 12, 20224gpl-3.0Python
All in One Recon Tool for Bug Bounty
9 months ago1gpl-3.0Python
A python tool to check subdomain takeover vulnerability
8 months ago
Hacking tools
Takeover V191
7 months ago1gpl-3.0Shell
Takeover script extracts CNAME record of all subdomains at once. TakeOver saves researcher time and increase the chance of finding subdomain takeover vulnerability.
4 years agomitPython
Exploiting misconfigured firebase databases
Alternatives To Takeover V1
Select To Compare

Alternative Project Comparisons


What is Subdomain Takeover?

Subdomain Takeover is a type of vulnerability that arises when a subdomain points to an external service that has been deleted or is no longer in use. Common examples of these external services include Github, Heroku, Gitlab, and Tumblr. In this scenario, an attacker can exploit this vulnerability if the original owner fails to remove the DNS entry that points to the deleted service, allowing the attacker to takeover the subdomain by adding a CNAME file containing the subdomain name. This type of vulnerability can have significant security implications and requires careful attention to prevent exploitation.

Here is the command that checks CNAME record of a subdomain.

$dig CNAME apt.shopify.com --> apt.shopify.com.s3-website-us-east-1.amazonaws.com.

How Can Takeover script help bug bounty hunters?

Managing and securing large numbers of subdomains can be a challenging task for organizations. In order to effectively monitor subdomains for potential security risks, it is important to have a tool that can automate the process of checking CNAME records for each domain. The script in question takes a file name as input, and performs a series of actions to produce output that displays the CNAME record for each domain in the input file. This approach enables security professionals to easily manage and monitor a large number of subdomains, and can help to identify potential vulnerabilities more efficiently.

How can I recognise if the subdomain is vulnerable to subdomain takeover?

When a service is deleted, it is important to analyze the fingerprints that may be left behind when the DNS entry remains in place. In some cases, a vulnerable subdomain may display an error message when visited by an attacker, such as "There isn't a Github Pages site here." By carefully examining these error messages, security professionals can gain valuable insight into potential vulnerabilities that may exist within a domain or subdomain, and take steps to mitigate these risks. This type of analysis is essential for identifying and addressing security issues that may arise from improperly configured or abandoned services.

Alt text

Security researcher @edoverflow has listed all services and their fingerprints. For more detail visit EdOverflow/can-i-take-over-xyz



Popular Vulnerabilities Projects
Popular Subdomain Projects
Popular Security Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.