Lucene search
K

7 matches found

Qualys Blog
Qualys Blog
added 2024/01/11 11:1 p.m.17 views

TotalCloud Insights: Crafting Effective Indicators of Compromise (IoCs) for Sub-domain Takeover Risk Detection

Subdomain takeover poses a significant security threat in cloud environments. It occurs when a subdomain of a domain e.g., subdomain.example.com inadvertently resolves to an external service no longer under the organizations control. These orphaned subdomains provide attackers with a foothold for...

7AI score
Exploits0
Hacker One
Hacker One
added 2021/09/28 7:6 p.m.14 views

8x8 Bounty: Dangling DNS Record docs.jitsi.net (unsuccessful GSuite takeover)

A dangling DNS record was found for the subdomain docs.jitsi.net, which was abandoned and belonged to GSuite. An attacker could have claimed the subdomain and taken it over, causing potential damage to the website and company. It was recommended to remove the Cname and DNS connecting to it...

7AI score
Exploits0
Kitploit
Kitploit
added 2020/11/16 11:30 a.m.254 views

Garud - An Automation Tool That Scans Sub-Domains, Sub-Domain Takeover And Then Filters Out XSS, SSTI, SSRF And More Injection Point Parameters

An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters. Requirements: Go Language, Python 2.7 or Python 3. System requirements: Recommended to run on vps with 1VCPU and 2GB ram. Tools used - You must need to install...

7.8AI score
Exploits0References16
Kitploit
Kitploit
added 2020/02/06 8:30 p.m.207 views

Takeover v0.2 - Sub-Domain TakeOver Vulnerability Scanner

Sub-domain takeover vulnerability occur when a sub-domain subdomain.example.com is pointing to a service e.g: GitHub , AWS/S3 ,.. that has been removed or deleted. This allows an attacker to set up a page on the service that was being used and point their page to that sub-domain. For example, if...

7.1AI score
Exploits0References2
Hacker One
Hacker One
added 2016/12/15 7:9 a.m.244 views

X (Formerly Twitter): Sub Domain Takeover at mk.prd.vine.co

Hey It looks like the EC2 Instance at mk.prd.vine.co has been stopped and now it has been assigned to someone else Proof of Concept 1. http://mk.prd.vine.co/ few days back didn't have port 443 open but now it does have an open port 443 Response 400 Bad Request 400 Bad Request awselb/2.0 So it loo...

6.9AI score
Exploits0
Hacker One
Hacker One
added 2016/10/01 8:6 p.m.20 views

Algolia: Possilbe Sub Domain takever at prestashop.algolia.com

Hey Sir It looks like prestashop.algolia.com has a A record pointing to 178.62.8.144 But when you visit prestashop.algolia.com you see a page hosted by "BC WebSolution" and I couldn't find any relation with Algolia Now what's suspicious here is http://178.62.8.144/ also serves the content of "BC...

0.7AI score
Exploits0
Hacker One
Hacker One
added 2016/02/28 3:52 a.m.22 views

X (Formerly Twitter): Sub-Domain Takeover

Hey ! Your subdomain web.mopub.com is pointing to DYN but you have not claimed it on DYN end. So what happens here is actually that, since web.mopub.com is pointing to DYN, DYNis actually checking if there's a host with that name. Which in this case was not true. So I was able to claim the domain...

6.7AI score
Exploits0
Rows per page
Query Builder