This small script tries to detect subdomain takeovers from a list of domains. Fingerprints are taken from https://github.com/EdOverflow/can-i-take-over-xyz.
Project description
This small script tries to detect subdomain takeovers from a list of domains. Fingerprints are taken from https://github.com/EdOverflow/can-i-take-over-xyz.
Installation
pip install takeover
Usage
takeover blog.example.com
Using with other tools:
subfinder -d "example.com" | takeover
Using in python:
import json, asyncio
from pathlib import Path
from takeover import takeover
home = str(Path.home())
# config is an dictionary. See ~/.config/takeover/config.json for structure
config = json.load(open(home + "/.config/takeover/config.json"))
# Do not forget to replace pointer to fingerprints with the valid data. See ~/.config/takeover/fingerprints.json for structure
config['fingerprints'] = json.load(open(home + "/.config/takeover/fingerprints.json"))
subdomains = ["blog.example.com", "services.example.com"]
asyncio.run(takeover(config).checkHost(subdomains))
How it Works
Matches CNAME against takeover-able services
If CNAME found, matches fingerprints in the body.
Note
As I use discord a lot, this script is programmed to notify using discord webhooks. So you will need to have a discord server and create a webhook to use in it.
If you need some extra features, feel free to submit a new issue on GitHub.
License
Disclaimer
I make guns, I sell guns, I give away guns but I take no responsibility of who dies with the guns.
Legally speaking, What you do with this has nothing to do with me. I am not responsible for your actions.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for takeover.py-0.0.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 25bcfce3ed16989f6113a106dc42b20d4ed7e9bedcbd7116d244c1b0c5af8dee |
|
MD5 | 194ee19263976625600fbc238d9c5e8a |
|
BLAKE2b-256 | 139696df5d65f08fd1fff4fe710522d668f2f8e484a2cd1ac9a7d12d9945116d |