Subdomain Takeover

  • subjack - Subdomain Takeover tool written in Go

  • SubOver - A Powerful Subdomain Takeover Tool

  • autoSubTakeover - A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking out if subdomain takeover is possible.

  • NSBrute - Python utility to takeover domains vulnerable to AWS NS Takeover

  • can-i-take-over-xyz - "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

  • cnames - take a list of resolved subdomains and output any corresponding CNAMES en masse.

  • subHijack - Hijacking forgotten & misconfigured subdomains

  • tko-subs - A tool that can help detect and takeover subdomains with dead DNS records

  • HostileSubBruteforcer - This app will bruteforce for exisiting subdomains and provide information if the 3rd party host has been properly setup.

  • second-order - Second-order subdomain takeover scanner

  • takeover - A tool for testing subdomain takeover possibilities at a mass scale.

Previouspost MessageNextVulnerability Scanners

Last updated