Some helper subdomain_takeover_tools to validate subdomain takeovers
Project description
# Subdomain Takeover Tools
This set of tools helps me in validating the initial outcome of [subtake](https://github.com/jakejarvis/subtake).
## Confirming takeovers
All scripts support the following two parameters:
–strict: only report as vulnerable if the issue is not also applicable on hostname.tld and www.hostname.tld.
–inverse: do inverse reporting, so report all subdomains that are not vulnerable
## Confirming S3
Subtake has some false positives on Google Cloud buckets as S3 buckets, also some access denied’s end up in the results.
The script confirm-s3.py will make sure that the bucket is actually vulnerable.
`bash grep "\[s3 bucket: " subtake-output.txt | confirm_s3 `
### Confirming ELB
Some patterns of elb are vulnerable while others are not, to filter them we can use our script:
`bash grep "\[elasticbeanstalk: " subtake-output.txt | confirm_elb `
Note: the parameter –strict is accepted here but will not lead to expected results.
### Confirming Shopify
It seems that
`bash grep "\[shopify: " subtake-output.txt | confirm_shopify `
## Separate tools
### Extracting domain names
As part of my process I want to know the domains involved in my findings.
Example usage:
`bash < subtake-output.txt | cut -f3 | python3 extract_domain_names.py | sort -u > involved.domains `
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for subdomain_takeover_tools-0.2.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 25d717f3e84f704a828ff7599740fe0ce4b1c277604dd5a201dfaed3b7b3fc98 |
|
MD5 | 8fa395464bfefc1a16f814ac0ae4173a |
|
BLAKE2b-256 | d2d062bac599faa5785879b97c3dd72531c92b180c80f02a847e86524329115b |
Hashes for subdomain_takeover_tools-0.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 274437c6c10a470b5330ed53a3aeda3e958112972c807980de01e7ff9e19f558 |
|
MD5 | 9a5eb429204b867f2142306cdc8d59e4 |
|
BLAKE2b-256 | b27897e1e12338d56dcb06d61c5d737197113444b6b4c77845479cb4af01da28 |