7 matches found
TotalCloud Insights: Crafting Effective Indicators of Compromise (IoCs) for Sub-domain Takeover Risk Detection
Subdomain takeover poses a significant security threat in cloud environments. It occurs when a subdomain of a domain e.g., subdomain.example.com inadvertently resolves to an external service no longer under the organizations control. These orphaned subdomains provide attackers with a foothold for...
8x8 Bounty: Dangling DNS Record docs.jitsi.net (unsuccessful GSuite takeover)
A dangling DNS record was found for the subdomain docs.jitsi.net, which was abandoned and belonged to GSuite. An attacker could have claimed the subdomain and taken it over, causing potential damage to the website and company. It was recommended to remove the Cname and DNS connecting to it...
Garud - An Automation Tool That Scans Sub-Domains, Sub-Domain Takeover And Then Filters Out XSS, SSTI, SSRF And More Injection Point Parameters
An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters. Requirements: Go Language, Python 2.7 or Python 3. System requirements: Recommended to run on vps with 1VCPU and 2GB ram. Tools used - You must need to install...
Takeover v0.2 - Sub-Domain TakeOver Vulnerability Scanner
Sub-domain takeover vulnerability occur when a sub-domain subdomain.example.com is pointing to a service e.g: GitHub , AWS/S3 ,.. that has been removed or deleted. This allows an attacker to set up a page on the service that was being used and point their page to that sub-domain. For example, if...
X (Formerly Twitter): Sub Domain Takeover at mk.prd.vine.co
Hey It looks like the EC2 Instance at mk.prd.vine.co has been stopped and now it has been assigned to someone else Proof of Concept 1. http://mk.prd.vine.co/ few days back didn't have port 443 open but now it does have an open port 443 Response 400 Bad Request 400 Bad Request awselb/2.0 So it loo...
Algolia: Possilbe Sub Domain takever at prestashop.algolia.com
Hey Sir It looks like prestashop.algolia.com has a A record pointing to 178.62.8.144 But when you visit prestashop.algolia.com you see a page hosted by "BC WebSolution" and I couldn't find any relation with Algolia Now what's suspicious here is http://178.62.8.144/ also serves the content of "BC...
X (Formerly Twitter): Sub-Domain Takeover
Hey ! Your subdomain web.mopub.com is pointing to DYN but you have not claimed it on DYN end. So what happens here is actually that, since web.mopub.com is pointing to DYN, DYNis actually checking if there's a host with that name. Which in this case was not true. So I was able to claim the domain...