Subdomain takeover finder
Project description
sdto - subdomain takeover finder
Subdomain takeover scanner
Current count of fingerprints: 80
Supported Services
acquia
activecampaign
aftership
agilecrm
aha
airee
anima
announcekit
aws/s3
bigcartel
bitbucket
brightcove
campaignmonitor
canny
cargo
cargocollective
cloudfront
desk
fastly
feedpress
flexbe
flywheel
frontify
gemfury
getresponse
ghost
gitbook
github
hatenablog
helpjuice
helprace
helpscout
heroku
hubspot
intercom
jazzhr
jetbrains
kajabi
kinsta
launchrock
mashery
netlify
ngrok
pagewiz
pantheon
pingdom
proposify
readme
readthedocs
s3bucket
shopify
shortio
simplebooklet
smartjob
smartling
smugmug
sprintful
statuspage
strikingly
surge
surveygizmo
surveysparrow
tave
teamwork
thinkific
tictail
tilda
tumbler
uberflip
unbounce
uptimerobot
uservoice
vend
webflow
wishpond
wix
wordpress
worksites.net
wufoo
zendesk
Installation:
to use as python library
pip install sdto
to use as a CLI tool
pip install sdto[cli]
or:
git clone https://github.com/scanfactory/sdto.git
cd sdto
poetry install
Usage as a CLI tool
Examples:
python3 -m sdto -t www.domain.com
python3 -m sdto -t www.domain.com -f path/to/custom-fingerprints-file.json
python3 -m sdto -t https://www.domain.com/
python3 -m sdto -t http://www.domain.com/
python3 -m sdto -t www.domain.com --no-ssl
python3 -m sdto -t www.domain.com -v --timeout 30
python3 -m sdto -t www.domain.com -H "user-agent" "your-custom-user-agent" -H "another-header" "header-value"
python3 -m sdto -t www.domain.com -F json
python3 -m sdto -t www.domain.com -o output.txt
python3 -m sdto -t www.domain.com -F json -o output.json
python3 -m sdto -t www.domain.com -F txt -o output.txt
python3 -m sdto -t www.domain.com -p http://127.0.0.1:8080
python3 -m sdto -l subdomains-list.txt
Docker support
Build the image:
docker build -t sdto .
Run the container:
docker run -it --rm sdto -t www.domain.com -v
Using custom fingerprints
You can specify custom fingerprints file via -f path/to/file.json parameter.
The expected json file format:
{
"AWS/S3": {"pattern": "The specified bucket does not exist"},
"BitBucket": {"pattern": "Repository not found"},
"Fastly": {"pattern": "Fastly pattern\\: unknown domain\\:", "process_200": true}
}
Note that pattern value is expected to be a python regexp.
Usage as a python library
Example:
import re
from aiohttp import ClientSession
from sdto import check_target, RegexFingerprint
async def main():
async with ClientSession() as cs:
fingerprint = await check_target(
cs=cs,
target="sub.domain.com",
ssl=True,
proxy=None,
fingerprints=[
RegexFingerprint(
"Github",
re.compile(r"There isn\'t a Github Pages site here\."),
process_200=False,
)
]
)
if not fingerprint:
print("No match")
else:
print(fingerprint.name)
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
sdto-0.1.7.tar.gz
(9.6 kB
view details)
Built Distribution
sdto-0.1.7-py3-none-any.whl
(9.2 kB
view details)
File details
Details for the file sdto-0.1.7.tar.gz.
File metadata
- Download URL: sdto-0.1.7.tar.gz
- Upload date:
- Size: 9.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.2.2 CPython/3.9.15 Darwin/21.4.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | ace9068ba02a57036e68e1e5aebb55935e1fc7bccb45d615586a03a90e4a865f |
|
| MD5 | ed1c155d0a0b8f24347d454b7ec6db82 |
|
| BLAKE2b-256 | 1b25397c341129daf095f9ebbf1eb6aaee3011aaea16bf7f323d204ab27b2ec1 |
File details
Details for the file sdto-0.1.7-py3-none-any.whl.
File metadata
- Download URL: sdto-0.1.7-py3-none-any.whl
- Upload date:
- Size: 9.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.2.2 CPython/3.9.15 Darwin/21.4.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 6770b763851b01604b14a9efbbb3dd2a2d634ba79a50a7637538b8622712549a |
|
| MD5 | d3e6d3858eed51ae93960ee056521866 |
|
| BLAKE2b-256 | 14eef8d7e6f988aebc3243547890dfb7982832643f629f2846d2dacd534f9c2c |
