Colline del Vento - Vigna e Cantina

Blog Vino - Colline del Vento

SubOver - A Powerful Subdomain Takeover Tool


Subover is a Hostile Subdomain Takeover tool designed in Python. From start, it has been aimed with speed and efficiency in mind. Till date, SubOver detects 36 services which is much more than any other tool out there. The tool is multithreaded and hence delivers good speed. It can easily detect and report potential subdomain takeovers that exist. The list of potentially hijackable services is very comprehensive and it is what makes this tool so powerful.

Installing
You need to have Python 2.7 installed on your machine. The following additional requirements are required -
  • dnspython
  • colorama
git clone https://github.com/Ice3man543/SubOver.git .
cd SubOver
# consider installing virtualenv
pip install -r requirements.txt
python subover.py -h

Usage
python subover.py -l subdomains.txt -o output_takeovers.txt
  • -l subdomains.txt is the list of target subdomains. These can be discovered using various tool such as sublist3r or others.
  • -o output_takeovers.txtis the name of the output file. (Optional & Currently not very well formatted)
  • -t 20 is the default number of threads that SubOver will use. (Optional)
  • -V is the switch for showing verbose output. (Optional, Default=False)

Currently Checked Services
  • Github
  • Heroku
  • Unbounce
  • Tumblr
  • Shopify
  • Instapage
  • Desk
  • Tictail
  • Campaignmonitor
  • Cargocollective
  • Statuspage
  • Amazonaws
  • Cloudfront
  • Bitbucket
  • Squarespace
  • Smartling
  • Acquia
  • Fastly
  • Pantheon
  • Zendesk
  • Uservoice
  • WPEngine
  • Ghost
  • Freshdesk
  • Pingdom
  • Tilda
  • Wordpress
  • Teamwork
  • Helpjuice
  • Helpscout
  • Cargo
  • Feedpress
  • Freshdesk
  • Surge
  • Surveygizmo
  • Mashery
Count : 36

FAQ
Q: What should my wordlist look like?
A: Your wordlist should include a list of subdomains you're checking and should look something like:
backend.example.com
something.someone.com
apo-setup.fxc.something.com

Your tool sucks!
Yes, you're probably correct. Feel free to:
  • Not use it.
  • Show me how to do it better.

Contact
Twitter: @Ice3man543

Credits


Related links


  1. Pentest Tools Review
  2. Hacker Tools 2020
  3. Pentest Tools Kali Linux
  4. Hacker Search Tools
  5. Pentest Box Tools Download
  6. Hack Tools Download
  7. Hack Rom Tools
  8. Underground Hacker Sites
  9. Pentest Tools
  10. Wifi Hacker Tools For Windows
  11. Hacking Tools 2019
  12. Hacking Tools For Kali Linux
  13. Hacker Tools
  14. Pentest Tools Website
  15. Pentest Tools For Android
  16. Beginner Hacker Tools
  17. Pentest Tools Subdomain
  18. Pentest Tools Port Scanner
  19. Tools 4 Hack
  20. Hacking Tools For Games

postato da Gianluca @ lunedì 20 aprile 2020 lunedì, aprile 20, 2020

0 Commenti:

Posta un commento

Iscriviti a Commenti sul post [Atom]

<< Home page


Copyright © 2006 Colline del Vento di Mario Castangia - Sito Ottimizzato per Internet Explorer 6.0 - Best View 1024x768px