Subover is a Hostile Subdomain Takeover tool designed in Python. From start, it has been aimed with speed and efficiency in mind. Till date, SubOver detects 36 services which is much more than any other tool out there. The tool is multithreaded and hence delivers good speed. It can easily detect and report potential subdomain takeovers that exist. The list of potentially hijackable services is very comprehensive and it is what makes this tool so powerful.
Installing
You need to have Python 2.7 installed on your machine. The following additional requirements are required -
- dnspython
- colorama
git clone https://github.com/Ice3man543/SubOver.git .
cd SubOver
# consider installing virtualenv
pip install -r requirements.txt
python subover.py -hUsage
python subover.py -l subdomains.txt -o output_takeovers.txt-l subdomains.txtis the list of target subdomains. These can be discovered using various tool such as sublist3r or others.-o output_takeovers.txtis the name of the output file. (Optional & Currently not very well formatted)-t20 is the default number of threads that SubOver will use. (Optional)-Vis the switch for showing verbose output. (Optional, Default=False)
Currently Checked Services
- Github
- Heroku
- Unbounce
- Tumblr
- Shopify
- Instapage
- Desk
- Tictail
- Campaignmonitor
- Cargocollective
- Statuspage
- Amazonaws
- Cloudfront
- Bitbucket
- Squarespace
- Smartling
- Acquia
- Fastly
- Pantheon
- Zendesk
- Uservoice
- WPEngine
- Ghost
- Freshdesk
- Pingdom
- Tilda
- Wordpress
- Teamwork
- Helpjuice
- Helpscout
- Cargo
- Feedpress
- Freshdesk
- Surge
- Surveygizmo
- Mashery
FAQ
Q: What should my wordlist look like?
A: Your wordlist should include a list of subdomains you're checking and should look something like:
backend.example.com
something.someone.com
apo-setup.fxc.something.comYour tool sucks!
Yes, you're probably correct. Feel free to:
- Not use it.
- Show me how to do it better.
Contact
Twitter: @Ice3man543
Credits
- Subdomain Takeover Scanner by 0x94
- subjack : Hostile Subdomain Takeover Tool Written In GO
- Anshumanbh : tko-subs
Related articles
- Pentest Tools For Windows
- Hacker Tools Online
- Pentest Tools Framework
- Hack App
- Hack Tools For Pc
- Game Hacking
- Hack Tools
- How To Install Pentest Tools In Ubuntu
- Pentest Tools Website
- Hacking Tools For Windows Free Download
- Pentest Tools Apk
- How To Install Pentest Tools In Ubuntu
- Nsa Hack Tools Download
- Pentest Tools Windows
- Pentest Tools List
- How To Install Pentest Tools In Ubuntu
- Pentest Tools For Windows
- Hacking Tools For Kali Linux
- Hacking Tools Github
- Tools Used For Hacking
- Hacking Tools For Games
- Hacking Tools And Software
- What Are Hacking Tools
- Hacking Tools Mac
- Hacking Tools For Beginners
- Hack Tools For Pc
- Blackhat Hacker Tools
- Tools Used For Hacking
- Best Hacking Tools 2019
- Hack Apps
- Pentest Tools Nmap
- Hacking Tools Windows 10
- Pentest Tools Online
- Hackrf Tools
- Physical Pentest Tools
- Pentest Tools Online
- Termux Hacking Tools 2019
- Install Pentest Tools Ubuntu
- How To Hack
- Pentest Tools Nmap
- What Are Hacking Tools
- Hacking Tools Hardware
- Hacker Tools For Mac
- How To Hack
- Pentest Tools Bluekeep
- Hacker Tools Software
- Pentest Tools Kali Linux
- Github Hacking Tools
- Pentest Tools Kali Linux
- Tools 4 Hack
- Hacking Tools Kit
- What Are Hacking Tools
- Hacking Tools Software
- Hacking Tools Online
- Hacker Tools 2019
- Pentest Tools List
- Hacking Tools For Games
- Hacker Tools For Windows
- Hacking Tools Pc
- Pentest Tools Website
- Hacking Tools Free Download
- Free Pentest Tools For Windows
- Hack Tools Download
- Pentest Tools Website Vulnerability
- Hack Tools Mac
- Pentest Tools List
- Hack Tools For Ubuntu
- Free Pentest Tools For Windows
- Hacker Tool Kit
- Hacker Tools Apk Download
- Tools Used For Hacking
- Top Pentest Tools
- Hack Tools Mac
- Ethical Hacker Tools
- Hacking App
- Pentest Tools Github
- Pentest Box Tools Download
Geen opmerkings nie:
Plaas 'n opmerking