Subover is a Hostile Subdomain Takeover tool designed in Python. From start, it has been aimed with speed and efficiency in mind. Till date, SubOver detects 36 services which is much more than any other tool out there. The tool is multithreaded and hence delivers good speed. It can easily detect and report potential subdomain takeovers that exist. The list of potentially hijackable services is very comprehensive and it is what makes this tool so powerful.
Installing
You need to have Python 2.7 installed on your machine. The following additional requirements are required -
- dnspython
- colorama
git clone https://github.com/Ice3man543/SubOver.git .
cd SubOver
# consider installing virtualenv
pip install -r requirements.txt
python subover.py -hUsage
python subover.py -l subdomains.txt -o output_takeovers.txt-l subdomains.txtis the list of target subdomains. These can be discovered using various tool such as sublist3r or others.-o output_takeovers.txtis the name of the output file. (Optional & Currently not very well formatted)-t20 is the default number of threads that SubOver will use. (Optional)-Vis the switch for showing verbose output. (Optional, Default=False)
Currently Checked Services
- Github
- Heroku
- Unbounce
- Tumblr
- Shopify
- Instapage
- Desk
- Tictail
- Campaignmonitor
- Cargocollective
- Statuspage
- Amazonaws
- Cloudfront
- Bitbucket
- Squarespace
- Smartling
- Acquia
- Fastly
- Pantheon
- Zendesk
- Uservoice
- WPEngine
- Ghost
- Freshdesk
- Pingdom
- Tilda
- Wordpress
- Teamwork
- Helpjuice
- Helpscout
- Cargo
- Feedpress
- Freshdesk
- Surge
- Surveygizmo
- Mashery
FAQ
Q: What should my wordlist look like?
A: Your wordlist should include a list of subdomains you're checking and should look something like:
backend.example.com
something.someone.com
apo-setup.fxc.something.comYour tool sucks!
Yes, you're probably correct. Feel free to:
- Not use it.
- Show me how to do it better.
Contact
Twitter: @Ice3man543
Credits
- Subdomain Takeover Scanner by 0x94
- subjack : Hostile Subdomain Takeover Tool Written In GO
- Anshumanbh : tko-subs
Read more
- Pentest Tools Open Source
- Pentest Tools Nmap
- Pentest Tools Open Source
- Pentest Tools Alternative
- Hacker Tools Windows
- Hacking Tools For Windows
- Usb Pentest Tools
- Pentest Tools Open Source
- Hacker Tools Hardware
- Hacking Tools 2020
- Hak5 Tools
- Pentest Tools Tcp Port Scanner
- Hacker Tools Software
- Hacker Tools Github
- Hacker Tools For Mac
- Hacking Tools Mac
- Install Pentest Tools Ubuntu
- Pentest Tools Alternative
- What Is Hacking Tools
- Hacker Techniques Tools And Incident Handling
- Github Hacking Tools
- Hacker Tools Windows
- Pentest Tools Linux
- Hacking Tools Name
- New Hack Tools
- Hack Tool Apk
- Hacking Tools Kit
- Pentest Tools Framework
- Nsa Hack Tools Download
- Pentest Tools Find Subdomains
- Hacker Tools 2019
- Hacking Tools Kit
- Hacker Tools Free Download
- Hacking Tools For Windows Free Download
- Pentest Tools For Windows
- Hacking Tools Pc
- Pentest Tools For Ubuntu
- Hacker Techniques Tools And Incident Handling
- World No 1 Hacker Software
- Pentest Tools Url Fuzzer
- Hacking Tools Download
- Bluetooth Hacking Tools Kali
- Hacker Tools For Ios
- Hacking Tools Github
- Pentest Tools Review
- Pentest Tools List
- Hack Tool Apk
- Hacking Tools For Pc
- Pentest Tools Website Vulnerability
- Pentest Automation Tools
- Top Pentest Tools
- How To Make Hacking Tools
- Hacking Tools For Games
- Android Hack Tools Github
- Hacker Tools For Windows
- Hacker Tools
- Hack App
- Hacker Tools Free
- Hacking Tools Windows 10
- Pentest Tools Website
- Pentest Tools Free
- Hacks And Tools
- Free Pentest Tools For Windows
- Hacking Tools Software
- How To Hack
- Hack Tools Online
- Hacking Tools Pc
- Hacking Tools 2020
- Nsa Hack Tools Download
- Hacking Tools Windows
No comments:
Post a Comment