Gi7w0rmJo @LidlUS @lidl @LidlGB, didn't knew you now also host fake versions of the New-York Times:
hxxps[:]//baustandards-qs[.]lidl[.]com
Seems a solid subdomain takeover?
Pointing to AWS: 72.144.31[.]24
jub0bs☝️ With #bluesky's increasing popularity, #bugbounty hunters can demonstrate the impact of a #SubdomainTakeover in yet another way: if foo[.]example[.]com is vulnerable, you may be able to claim [@]foo[.]example[.]com as your handle. Handy for impersonation and phishing. 😈
https://bsky.social/about/blog/4-28-2023-domain-handle-tutorial
Gonçalo Valério"A Guide To Subdomain Takeovers 2.0"
https://www.hackerone.com/community/guide-subdomain-takeovers
Geekmaster 👽
Found a great #opensource tool to scan sites for a laundry list of vulnerabilities https://github.com/h4r5h1t/webcopilot.
Just used it to scan all my company domains, works great!
The tools integrated into this single app are the same tools "security researchers" use to scan sites for #xss #SQLi #ssrf #crlf #lfi #subdomaintakeover #openredirect, etc. vulnerabilities - into a single CLI tool.
Can also help avoid/confirm those "beg-bounty" situations where a simple misconfiguration is touted as a "critical vulnerability" because someone use a quick scanning tool to determine that sub-domain take-over is possible (very common, not critical, easy to fix), or missing DMARC records are present (which 98% of all Internet sites have issues with, and is very easy to fix) to demand a cash reward so they can "share additional critical vulnerabilities" that aren't a thing - they just want money.
Have fun!
GitHub - h4r5h1t/webcopilot: An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities. - h4r5h1t/webcopilot
Sven RuppertInfection Method – Sub-Domain Takeover
A subdomain takeover is a type of cybersecurity vulnerability that occurs when an attacker gains control of a subdomain of a website or a domain name. This attack can seriously affect the security and functionality of a web application or website. In this explanation, we'll look at subdomain takeovers, how they work, the r
https://svenruppert.com/2023/11/20/infection-method-sub-domain-takeover/
#Security #cybersecurity #security #SubdomainTakeover
A subdomain takeover is a type of cybersecurity vulnerability that occurs when an attacker gains control of a subdomain of a website or a domain name. This attack can seriously affect the security and functionality of a web application or website. In this explanation, we'll look at subdomain takeovers, how they work, the r
https://svenruppert.com/2023/11/20/infection-method-sub-domain-takeover/
#Security #cybersecurity #security #SubdomainTakeover
Gareth Emslie 🇿🇦 🇪🇦 🇨🇭MDEASM is a tool used by Microsoft Defender to detect expired subdomains which can be vulnerable to takeover. It continuously maps the external-facing resources across an organization's attack surface to identify, classify and prioritize risks, including subdomain expiration and takeover. https://techcommunity.microsoft.com/t5/microsoft-defender-external/identify-digital-assets-vulnerable-to-subdomain-takeover/ba-p/3700773 #MDEASM #MicrosoftDefender #SubdomainTakeover
Identify Digital Assets Vulnerable to Subdomain Takeover
Subdomain takeover vulnerabilities are, in most cases, the result of an organization using an external service and letting it expire. However, that expired subdomain is still a part of the organization's external attack surface, with domain DNS entries pointing to it. An attacker could then claim th...
Richard LayaTakeOver v1 - Extracts CNAME Record Of All Subdomains At Once http://j.mp/2Pnx3fS #Check #Linux #Script #Subdomain #SubdomainTakeover
