Giters

sumgr0 / dnsTakeover

Bash script to check a domain for subdomain takeover vulnerability

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

dnsTakeover

About

Simple but effective bash script to check a domain if it's vulnerable to subdomain takeover. It uses Amass and MassDNS tools for fast domain information gathering and records resolution. List of supported cloud providers vulnerable to takeover*:

  • cloudapp.net
  • azurewebsites.net
  • trafficmanager.net
  • azure-api.net
  • cloudapp.net
  • azureedget.net
  • azure-api.net
  • p.azurewebsites.net
  • s3.amazonaws.com
  • s3-websites
  • cargocollective.com
  • desk.com
  • redirect.feedpress.me
  • ghost.io
  • github.com
  • helpscoutdocs.com
  • herokuapp.com
  • herokuspace.com
  • hs-sites.com
  • myjetbrains.com
  • myshopify.com
  • statuspage.io
  • surge.sh
  • uservoice.com
  • wordpress.com
  • zendesk.com

*List may be not 100% accurate and needs a review.

Usage

./dnsTakeover.sh example.com

About

Bash script to check a domain for subdomain takeover vulnerability

License:MIT License

Languages

Language:Python 67.1%Language:Shell 32.9%