TSEC NEWS: 10.04.21 - Back again ||| cooming soon - 1. TSec-Accounts 2.comments 3. personalized feed... if i have the time

❈ NtHiM - Super Fast Sub-domain Takeover Detection

IT Security Nachrichten feedproxy.google.com

NtHiM - Super Fast Sub-domain Takeover Detection


Method 1: Using Pre-compiled Binaries

The pre-compiled binaries for different systems are available in the Releases page. You can download the one suitable for your system, unzip the file and start using NtHiM.

Method 2: Using Crates.io

NtHiM is available on Crates.io. So, if you have Rust installed on your system, you can simply install NtHiM with the following command:

cargo install NtHiM

Method 3: Manual Build

You will need Cargo to perform the manual build for NtHiM. If you have Cargo installed, you can simply follow the steps below:

  1. Clone this repository, git clone https://github.com/TheBinitGhimire/NtHiM;
  2. Go inside the folder, cd NtHiM;
  3. Use the cargo build command,
  4. Go inside the newly-created target folder, and open the debug folder inside it, cd target/debug;
  5. You will find NtHiM.exe (on Microsoft Windows) or NtHiM binary (on Linux).

The installation walkthrough for NtHiM has been uploaded to YouTube, covering all of these three methods, and you can watch the video here: How to Install and Use NtHiM (Now, the Host is Mine!)? Super Fast Sub-domain Takeover Detection!

Flag Description Example
-h Display help related to usage! NtHiM -h
-t Scan a single target! NtHiM -t https://example.example.com
-f Scan a list of targets from a file! NtHiM -f hostnames.txt
-c Number of Concurrent Threads! NtHiM -c 100 -f hostnames.txt
-V Display the version information! NtHiM -V

Use Case 1 (Single Target):
NtHiM -t https://example.example.com

Use Case 2 (Multiple Targets):
NtHiM -f hostnames.txt

Usage Demonstration:


Single Target

Multiple Targets using Concurrent Threads


Platform Identification

NtHiM uses the data provided in EdOverflow/can-i-take-over-xyz for the platform identification.

Frequently Asked Questions (FAQs)

If you have any questions regarding NtHiM, please raise an issue by going to the Issues page.

Some of your queries might have been answered in one of the existing issues, so please make sure to check the Issues with the FAQ label before raising an issue on your own.

Contributions and Feature Requests

If you are interested in contributing in the development of NtHiM, you can feel free to create a Pull Request with modifications in the original code, or you shall open up a new issue, and I will try to include the feature as requested.

There is no restriction on anyone for contributing to the development of NtHiM. If you would like to contribute, you can feel free to do so.


Kompletten Artikel lesen (externe Quelle: http://feedproxy.google.com/~r/PentestTools/~3/g0sHRpFq1_8/nthim-super-fast-sub-domain-takeover.html)

Zur Team IT Security IT Sicherheit Nachrichtenportal Startseite

➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)

uriDeep - Unicode Encoding Attacks With Machine Learning

vom 3991.69 Punkte
Unicode encoding attacks with machine learning. Tool based on machine learning to create amazing fake domains using confusables. Some domains can deceive IDN policies (Chrome & Firefox). I created the best (big) dictionary of confusables using neural networks. It is used in the tool and it can be download from: https://github.com/mindcrypt/uriDeep/blob/master/data

NtHiM - Super Fast Sub-domain Takeover Detection

vom 1330.61 Punkte
NtHiM - Super Fast Sub-domain Takeover DetectionInstallation Method 1: Using Pre-compiled Binaries The pre-compiled binaries for different systems are available in the Releases page. You can download the one suitable for your system, unzip the file an

SharpDPAPI - A C# Port Of Some Mimikatz DPAPI Functionality

vom 374.73 Punkte
SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi's Mimikatz project.I did not come up with this logic, it is simply a port from Mimikatz in order to better understand the process and operationalize it to fit our workflow. The SharpChrome subproject is an adaptation of work from @gentilkiwi and @djhohnstein, specifically his SharpChrome project. However, this version of SharpChrome

ProFTPd + Windows AD (LDAP) - user cant sign-in

vom 330.71 Punkte
Currently we still have an old FTP server running, and we want to replace the installation (this due to various reasons). ​ Now I wish to use ProFTPd in combination with LDAP (MS Windows AD). ​ I have a connection with LDAP working, yet connection (non

"Can I Take Over XYZ?" - A List Of Services And How To Claim (Sub)Domains With Dangling DNS Records

vom 320.68 Punkte
What is a subdomain takeover?Subdomain takeover vulnerabilities occur when a subdomain (subdomain.example.com) is pointing to a service (e.g. GitHub pages, Heroku, etc.) that has been removed or deleted. This allows an attacker to set up a page on the

StandIn - A Small .NET35/45 AD Post-Exploitation Toolkit

vom 320.24 Punkte
StandIn is a small AD post-compromise toolkit. StandIn came about because recently at xforcered we needed a .NET native solution to perform resource based constrained delegation. However, StandIn quickly ballooned to include a number of comfort features.

Dr. ROBOT - Tool To Enumerate The Subdomains Associated With A Company By Aggregating The Results Of Multiple OSINT Tools

vom 319.14 Punkte
Dr. ROBOT is a tool for Domain Reconnaissance and Enumeration. By utilizing containers to reduce the overhead of dealing with dependencies, inconsistency across operating sytems, and different languages, Dr. ROBOT is built to be highly portable and configurable.

Takeover v0.2 - Sub-Domain TakeOver Vulnerability Scanner

vom 290.07 Punkte
Sub-domain takeover vulnerability occur when a sub-domain (subdomain.example.com) is pointing to a service (e.g: GitHub, AWS/S3,..) that has been removed or deleted. This allows an attacker to set up a page on the service that was being used and point their p

Rubeus - C# Toolset For Raw Kerberos Interaction And Abuses

vom 267.66 Punkte
Rubeus is a C# toolset for raw Kerberos interaction and abuses. It is heavily adapted from Benjamin Delpy's Kekeo project (CC BY-NC-SA 4.0 license) and Vincent LE TOUX's MakeMeEnterpriseAdmin project (GPL v3.0 license). Full credit goes to Benjamin and

AutoRecon - Multi-Threaded Network Reconnaissance Tool Which Performs Automated Enumeration Of Services

vom 231.7 Punkte
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services. It is intended as a time-saving tool for use in CTFs and other penetration testing environments (e.g. OSCP). It may also be useful in real-world engagements. The tool works by firstly performing port scans/service detection scans. From those initial results, the tool will launch further enum

URLCrazy - Generate And Test Domain Typos And Variations To Detect And Perform Typo Squatting, URL Hijacking, Phishing, And Corporate Espionage

vom 206.37 Punkte
URLCrazy is an OSINT tool to generate and test domain typos or variations to detect or perform typo squatting, URL hijacking, phishing, and corporate espionage.Homepage: https://www.morningstarsecurity.com/research/urlcrazyUse CasesDetect typo squatters profi

Docker-Inurlbr - Advanced Search In Search Engines, Enables Analysis Provided To Exploit GET / POST Capturing Emails & Urls

vom 191.33 Punkte
Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.How to buildgit clone https://github.com/gmdutra/docker-inurlbr.gitc

Team Security Diskussion über NtHiM - Super Fast Sub-domain Takeover Detection