Sub-domain takeover vulnerability occur when a sub-domain (subdomain.example.com) is pointing to a service (e.g: GitHub, AWS/S3,..) that has been removed or deleted. This allows an attacker to set up a page on the service that was being used and point their page to that sub-domain. For example, if subdomain.example.com was pointing to a GitHub page and the user decided to delete their GitHub page, an attacker can now create a GitHub page, add a CNAME file containing subdomain.example.com, and claim subdomain.example.com. For more information: here
Installation:
# git clone https://github.com/m4ll0k/takeover.git
# cd takeover
# python takeover.pywget -q https://raw.githubusercontent.com/m4ll0k/takeover/master/takeover.py && python takeover.py- Pentest Environment
- Pentest As A Service
- Pentest Cheat Sheet
- Hacker Computer
- Pentest Gear
- Hacking Script
- Pentest Xss
- Pentest With Kali
- Rapid7 Pentest
- Pentest Reporting Tool
- Pentest Owasp Top 10
- Pentesting And Ethical Hacking
- Pentest Active Directory
- Pentest Blog
- Hacker Typer
- Pentest Keys
- Pentest Nmap
- Pentest Wiki
- Pentest Wiki
Nenhum comentário:
Postar um comentário