Subdomain Takeover
MITRE ATT&CK, Resource Development, Sub-technique T1584.001
A subdomain takeover occurs if a subdomain is configured to a 3rd party service but is no longer registered. If we are able to create an account in the identified 3rd party and register the domain, we can potentially host content on the subdomain.
Can I Take Over XYZ
This repository should be a goto for anyone attempting a subdomain takeover. This repository will identify is the service you have identified is vulnerable to a subdomain takeover and if so, provide detailed steps on how to exploit it and potentially host content.
dnsReaper
DNSReaper is an automated subdomain takeover tool that tests with known takeover signatures. While you shouldn't rely on a tool to do the job, this tool does a pretty good job and I'd highly recommend it if performing a quick sweep.
Subjack
Subjack is a subndomain takeover tool written in Go.
References
Last updated