Subover is a Hostile Subdomain Takeover tool designed in Python. From start, it has been aimed with speed and efficiency in mind. Till date, SubOver detects 36 services which is much more than any other tool out there. The tool is multithreaded and hence delivers good speed. It can easily detect and report potential subdomain takeovers that exist. The list of potentially hijackable services is very comprehensive and it is what makes this tool so powerful.
Installing
You need to have Python 2.7 installed on your machine. The following additional requirements are required -
- dnspython
- colorama
git clone https://github.com/Ice3man543/SubOver.git .
cd SubOver
# consider installing virtualenv
pip install -r requirements.txt
python subover.py -h
Usage
python subover.py -l subdomains.txt -o output_takeovers.txt
-l subdomains.txt
is the list of target subdomains. These can be discovered using various tool such as sublist3r or others.-o output_takeovers.txt
is the name of the output file. (Optional & Currently not very well formatted)-t
20 is the default number of threads that SubOver will use. (Optional)-V
is the switch for showing verbose output. (Optional, Default=False)
Currently Checked Services
- Github
- Heroku
- Unbounce
- Tumblr
- Shopify
- Instapage
- Desk
- Tictail
- Campaignmonitor
- Cargocollective
- Statuspage
- Amazonaws
- Cloudfront
- Bitbucket
- Squarespace
- Smartling
- Acquia
- Fastly
- Pantheon
- Zendesk
- Uservoice
- WPEngine
- Ghost
- Freshdesk
- Pingdom
- Tilda
- Wordpress
- Teamwork
- Helpjuice
- Helpscout
- Cargo
- Feedpress
- Freshdesk
- Surge
- Surveygizmo
- Mashery
FAQ
Q: What should my wordlist look like?
A: Your wordlist should include a list of subdomains you're checking and should look something like:
backend.example.com
something.someone.com
apo-setup.fxc.something.com
Your tool sucks!
Yes, you're probably correct. Feel free to:
- Not use it.
- Show me how to do it better.
Contact
Twitter: @Ice3man543
Credits
- Subdomain Takeover Scanner by 0x94
- subjack : Hostile Subdomain Takeover Tool Written In GO
- Anshumanbh : tko-subs
Related news
- Best Hacking Tools 2020
- Hack Rom Tools
- Physical Pentest Tools
- Hacking Tools For Mac
- Hacking Apps
- Easy Hack Tools
- Hack Apps
- Pentest Tools Subdomain
- Hacking Tools For Kali Linux
- Hacker Tools Apk
- Pentest Tools Alternative
- Hacking Apps
- Pentest Tools Framework
- Pentest Tools For Ubuntu
- Pentest Tools
- Hacking Tools Software
- Free Pentest Tools For Windows
- Hack Tools For Pc
- Physical Pentest Tools
- Hacker Tools Apk Download
- Hack App
- Pentest Tools Bluekeep
- Pentest Tools Find Subdomains
- Pentest Tools Windows
- Hacker Tools List
- Nsa Hacker Tools
- Hacker Tools Windows
- Hacker Tools Linux
- Beginner Hacker Tools
- Underground Hacker Sites
- Hack Tools For Windows
- Hackrf Tools
- Pentest Tools Bluekeep
- New Hack Tools
- Hacking Tools Github
- Hacking Tools For Windows Free Download
- Hacker Tool Kit
- Hacker
- How To Hack
- Pentest Tools Bluekeep
- Pentest Tools For Mac
- Pentest Tools For Android
- Pentest Tools Review
- Hacking Tools For Kali Linux
- Hacking Tools For Beginners
- Hack Tools 2019
- Best Hacking Tools 2019
- Pentest Tools Linux
- Hack Tools Pc
- Hacking Tools 2020
- Pentest Tools Download
- Pentest Tools Windows
- Pentest Tools Download
- Free Pentest Tools For Windows
- Hack Tools For Windows
- Hacker Tools Linux
- Hacker Tools List
- Pentest Tools Framework
- Hacker Tools Apk Download
- Hacking Tools Usb
- Hack App
- Pentest Tools Open Source
- Game Hacking
- Hack Tools For Mac
- Termux Hacking Tools 2019
- Physical Pentest Tools
- Hacker Tools 2020
- Hack Tools 2019
- Pentest Tools Download
- Hacking Tools Github
- Hacking Tools For Beginners
- Hacking Tools Windows 10
- How To Make Hacking Tools
- Pentest Tools Alternative
- Hacking Tools Pc
- Best Hacking Tools 2019
- Hacker Tools Online