Tuesday, May 17, 2022

Tko-Subs – A Tool That Can Help Detect And Takeover Subdomains With Dead DNS Records

This tool allows:

To check whether a subdomain can be taken over because it has: a dangling CNAME pointing to a CMS provider (Heroku, Github, Shopify, Amazon S3, Amazon CloudFront, etc.) that can be taken over. a dangling CNAME pointing to a non-existent domain name one or more wrong/typoed NS records pointing to a nameserver that can be taken over by an attacker to gain control of the subdomain’s DNS records

To actually take over those subdomain by providing a flag -takeover . Currently, …

