can-i-take-over-xyz
Vulnerability scanner
A resource to guide security researchers on identifying subdomain takeover vulnerabilities in web services.
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
5k stars
127 watching
716 forks
Language: Python
last commit: 6 days ago
Linked from 1 awesome list
bugbountyinfoseclistsecuritysubdomainsubdomain-takeovers
vavkamil/awesome-bugbounty-toolsRelated projects:
| Repository | Description | Stars |
|---|---|---|
 therook/subbrute | A tool for automating the discovery of subdomains and DNS records by using open resolvers as a proxy to circumvent rate limiting. | 3,361 |
 macmod/stars | Identifies potential subdomain takeover issues in cloud DNS environments | 49 |
 anirudhbiyani/findmytakeover | Detects DNS record misconfigurations that could be exploited by attackers | 135 |
 ice3man543/subover | A tool for detecting potential subdomain takeovers in web services | 931 |
 infosec-au/altdns | Automates subdomain discovery through permutations and alterations of known domain patterns and words. | 2,333 |
 thebinitghimire/nthim | A tool to detect sub-domain takeovers by scanning targets and checking DNS information. | 355 |
 antichown/subdomain-takeover | An automated tool to identify subdomain vulnerabilities in web applications | 353 |
 pentestpad/subzy | Automates subdomain takeover vulnerability checks | 1,063 |
 saadahmedx/subdomain-takeover | A tool to quickly identify if a subdomain is vulnerable to takeover by scanning target domains | 57 |
 elceef/dnstwist | Automated tool to detect and prevent domain-based cyber threats by generating permutations of domain names | 4,912 |
 lijiejie/subdomainsbrute | A tool for automatically discovering subdomains of given domains | 3,488 |
 irsl/gcp-dhcp-takeover-code-exec | A proof-of-concept code execution project exploiting an unpatched vulnerability in Google Compute Engine's ISC DHCP software to gain root access via SSH keys added by the google_guest_agent. | 533 |
 appsecco/bugcrowd-levelup-subdomain-enumeration | Tools and scripts for discovering hidden sub-domains on the internet | 633 |
 esc4icescesc/skanuvaty | A fast and concurrent DNS/network scanner that identifies subdomains and their corresponding IPs. | 886 |
 vincentcox/bypass-firewalls-by-dns-history | Automatically identifies potential bypass points around web application firewalls (WAFs) by analyzing DNS history records and HTTP responses. | 1,197 |