Lädt...


📰 Domain-Protect - OWASP Domain Protect - Prevent Subdomain Takeover


Nachrichtenbereich: 📰 IT Security Nachrichten
🔗 Quelle: kitploit.com

OWASP Global AppSec Dublin - talk and demo


Features

  • scan Amazon Route53 across an AWS Organization for domain records vulnerable to takeover
  • scan Cloudflare for vulnerable DNS records
  • take over vulnerable subdomains yourself before attackers and bug bounty researchers
  • automatically create known issues in Bugcrowd or HackerOne
  • vulnerable domains in Google Cloud DNS can be detected by Domain Protect for GCP
  • manual scans of cloud accounts with no installation

Installation

Collaboration

We welcome collaborators! Please see the OWASP Domain Protect website for more details.

Documentation

Manual scans - AWS
Manual scans - CloudFlare
Architecture
Database
Reports
Automated takeover optional feature
Cloudflare optional feature
Bugcrowd optional feature
HackerOne optional feature
Vulnerability types
Vulnerable A records (IP addresses) optional feature
Requirements
Installation
Slack Webhooks
AWS IAM policies
CI/CD
Development
Code Standards
Automated Tests
Manual Tests
Conference Talks and Blog Posts

Limitations

This tool cannot guarantee 100% protection against subdomain takeovers.



...

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozaws.net


📈 44.97 Punkte
🕵️ Sicherheitslücken

🕵️ SubScraper – Subdomain Enum Tool For Takeover Subdomain


📈 44.97 Punkte
🕵️ Hacking

📰 Subdomain Takeover: Sicherheitsfirmen übernehmen Subdomain von EA


📈 44.97 Punkte
📰 IT Nachrichten

📰 Subdomain Takeover: Sicherheitsfirmen übernehmen Subdomain von EA


📈 44.97 Punkte
📰 IT Security Nachrichten

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozaws.net


📈 44.97 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozaws.net


📈 44.97 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozaws.net


📈 44.97 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozaws.net


📈 44.97 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozgcp.net


📈 44.97 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozgcp.net


📈 44.97 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozgcp.net


📈 44.97 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozaws.net


📈 44.97 Punkte
🕵️ Sicherheitslücken

📰 Taken - Takeover AWS Ips And Have A Working POC For Subdomain Takeover


📈 40.52 Punkte
📰 IT Security Nachrichten

🕵️ Sifchain: Subdomain Takeover At the Main Domain Of Your Site


📈 36.07 Punkte
🕵️ Sicherheitslücken

🕵️ Surge Domain/Subdomain Takeover


📈 36.07 Punkte
🕵️ Sicherheitslücken

🔧 Implementing Wildcard Subdomain (Part 2) - Creating subdomain programmatically


📈 32.95 Punkte
🔧 Programmierung

📰 Takeover v0.2 - Sub-Domain TakeOver Vulnerability Scanner


📈 31.62 Punkte
📰 IT Security Nachrichten

🕵️ Razer: AWS subdomain Takeover at estore.razersynapse.com


📈 28.5 Punkte
🕵️ Sicherheitslücken

🕵️ 8x8: Subdomain takeover of ████.jitsi.net


📈 28.5 Punkte
🕵️ Sicherheitslücken

📰 Subdomain Takeover: Verwaiste Domains einfach übernehmen


📈 28.5 Punkte
📰 IT Security Nachrichten

📰 Subdomain-Takeover: Hunderte Microsoft-Subdomains gekapert


📈 28.5 Punkte
📰 IT Security Nachrichten

🕵️ 8x8: Subdomain takeover of ███.wavecell.com


📈 28.5 Punkte
🕵️ Sicherheitslücken

📰 Uber patches security flaw leading to subdomain takeover


📈 28.5 Punkte
📰 IT Security Nachrichten

📰 Sub404 - A Python Tool To Check Subdomain Takeover Vulnerability


📈 28.5 Punkte
📰 IT Security Nachrichten

🕵️ Stripo Inc: subdomain takeover at status-stage0.stripo.email


📈 28.5 Punkte
🕵️ Sicherheitslücken

🕵️ 8x8: DNS Misconfiguration (Subdomain Takeover) █.staging.█.8x8.com


📈 28.5 Punkte
🕵️ Sicherheitslücken

🕵️ Lyst: Subdomain takeover of storybook.lystit.com


📈 28.5 Punkte
🕵️ Sicherheitslücken

🕵️ 8x8: DNS Misconfiguration (Subdomain Takeover) ███.wavecell.com


📈 28.5 Punkte
🕵️ Sicherheitslücken

🕵️ Stripo Inc: subdomain takeover at status0.stripo.email


📈 28.5 Punkte
🕵️ Sicherheitslücken

🕵️ 8x8: DNS Miconfiguration (Subdomain Takeover) ███████.8x8.com


📈 28.5 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla: Subdomain takeover on one of the subdomains under mozaws.net


📈 28.5 Punkte
🕵️ Sicherheitslücken

🕵️ Starbucks: Bulgaria - Subdomain takeover of mail.starbucks.bg


📈 28.5 Punkte
🕵️ Sicherheitslücken

🕵️ U.S. Dept Of Defense: Subdomain takeover ████████.mil


📈 28.5 Punkte
🕵️ Sicherheitslücken

matomo