Product
Introducing License Enforcement in Socket
Ensure open-source compliance with Socket’s License Enforcement Beta. Set up your License Policy and secure your software!
github.com/microphone-mathematics/SubOver
But something more awesome will come soon!
Subover is a Hostile Subdomain Takeover tool originally written in python but rewritten from scratch in Golang. Since it's redesign, it has been aimed with speed and efficiency in mind. Till date, SubOver detects 30+ services which is much more than any other tool out there. The tool uses Golang concurrency and hence is very fast. It can easily detect and report potential subdomain takeovers that exist. The list of potentially hijackable services is very comprehensive and it is what makes this tool so powerful.
You need to have Golang installed on your machine. There are no additional requirements for this tool.
go get github.com/Ice3man543/SubOver
NOTE - Do not change the location of providers.json file. Or the tool will not work.
./SubOver -l subdomains.txt
-l
List of Subdomains-a
Check all hosts regardless of CNAME (Time Consuming and prone to fp's)-t
Number of concurrent threads. (Default 10)-v
Show verbose output (Default False)-https
Force HTTPS Connection (Default HTTP)-timeout
Set custom timeout (Default 10)-h
Show help messageGithub, Heroku, Unbounce, Tumblr, Shopify, Instapage, Desk, Tictail, Campaignmonitor, Cargocollective, Statuspage, Amazonaws, Cloudfront, Bitbucket, Smartling, Acquia, Fastly, Pantheon, Zendesk, Uservoice, Ghost, Freshdesk, Pingdom, Tilda, Wordpress, Teamwork, Helpjuice, Helpscout, Cargo, Feedpress, Surge, Surveygizmo, Mashery, Intercom, Webflow, Kajabi, Thinkific, Tave, Wishpond, Aftership, Aha, Brightcove, Bigcartel, Activecompaign, Compaignmonitor, Acquia, Proposify, Simplebooklet, Getresponse, Vend, Jetbrains, Azure
Count : 51
Q: What should my wordlist look like?
A: Your wordlist should include a list of subdomains you're checking and should look something like:
backend.example.com
something.someone.com
apo-setup.fxc.something.com
Yes, you're probably correct. Feel free to:
Want to contribute? Great!
You can add more services or recommend any changes to the existing ones. Any kind of help is appreciated.
Or buy me a coffee \o/
BSD 2-Clause "Simplified" License
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Ensure open-source compliance with Socket’s License Enforcement Beta. Set up your License Policy and secure your software!
Product
We're launching a new set of license analysis and compliance features for analyzing, managing, and complying with licenses across a range of supported languages and ecosystems.
Product
We're excited to introduce Socket Optimize, a powerful CLI command to secure open source dependencies with tested, optimized package overrides.