Subover is a Hostile Subdomain Takeover tool designed in Python. From start, it has been aimed with speed and efficiency in mind. Till date, SubOver detects 36 services which is much more than any other tool out there. The tool is multithreaded and hence delivers good speed. It can easily detect and report potential subdomain takeovers that exist. The list of potentially hijackable services is very comprehensive and it is what makes this tool so powerful.
Installing
You need to have Python 2.7 installed on your machine. The following additional requirements are required -
- dnspython
- colorama
git clone https://github.com/Ice3man543/SubOver.git .
cd SubOver
# consider installing virtualenv
pip install -r requirements.txt
python subover.py -hUsage
python subover.py -l subdomains.txt -o output_takeovers.txt-l subdomains.txtis the list of target subdomains. These can be discovered using various tool such as sublist3r or others.-o output_takeovers.txtis the name of the output file. (Optional & Currently not very well formatted)-t20 is the default number of threads that SubOver will use. (Optional)-Vis the switch for showing verbose output. (Optional, Default=False)
Currently Checked Services
- Github
- Heroku
- Unbounce
- Tumblr
- Shopify
- Instapage
- Desk
- Tictail
- Campaignmonitor
- Cargocollective
- Statuspage
- Amazonaws
- Cloudfront
- Bitbucket
- Squarespace
- Smartling
- Acquia
- Fastly
- Pantheon
- Zendesk
- Uservoice
- WPEngine
- Ghost
- Freshdesk
- Pingdom
- Tilda
- Wordpress
- Teamwork
- Helpjuice
- Helpscout
- Cargo
- Feedpress
- Freshdesk
- Surge
- Surveygizmo
- Mashery
FAQ
Q: What should my wordlist look like?
A: Your wordlist should include a list of subdomains you're checking and should look something like:
backend.example.com
something.someone.com
apo-setup.fxc.something.comYour tool sucks!
Yes, you're probably correct. Feel free to:
- Not use it.
- Show me how to do it better.
Contact
Twitter: @Ice3man543
Credits
- Subdomain Takeover Scanner by 0x94
- subjack : Hostile Subdomain Takeover Tool Written In GO
- Anshumanbh : tko-subs
- Pentest Tools Website
- Pentest Tools For Windows
- Hacking Tools 2019
- Hack Tools For Pc
- Hack Tools Github
- Hacker Tools List
- Growth Hacker Tools
- Physical Pentest Tools
- Hacker Techniques Tools And Incident Handling
- Hack Tools 2019
- Hacker Search Tools
- Hacker Tools Free Download
- Pentest Box Tools Download
- Hacker Tools Software
- Hacker Tools Mac
- Hacking Tools For Games
- Hacking Tools Mac
- Kik Hack Tools
- Hacker Tools Software
- Hacking App
- Pentest Recon Tools
- Hacker Tools
- Hacker Tools Linux
- Hack Apps
- Github Hacking Tools
- Nsa Hack Tools
- Pentest Tools Free
- Hacking Tools For Kali Linux
- Pentest Reporting Tools
- Top Pentest Tools
- Pentest Recon Tools
- Hacker Tools Github
- Hack Tools
- Hack Apps
- Hacking Tools Mac
- Android Hack Tools Github
- Hack App
- Hacking Tools Windows 10
- Usb Pentest Tools
- Pentest Tools Alternative
- Hacker Tools For Pc
- Pentest Tools Alternative
- What Is Hacking Tools
- Hacker Tools Free Download
- Pentest Tools Apk
- Pentest Tools Tcp Port Scanner
- Hacking Tools Name
- Nsa Hack Tools
- Pentest Tools Windows
- Hack Tools Mac
- Hacker Hardware Tools
- Hack Tools For Pc
- Best Pentesting Tools 2018
- Pentest Tools Nmap
- Pentest Tools Alternative
- Hacking Tools
- Pentest Tools Find Subdomains
- Tools Used For Hacking
- Pentest Tools Subdomain
- Blackhat Hacker Tools
- What Is Hacking Tools
- Hacking Tools 2019
- Hackrf Tools
- Pentest Tools Bluekeep
- Pentest Tools Port Scanner
- Hacker Tools Mac
- Pentest Tools List
Tidak ada komentar:
Posting Komentar