Skip to content

Commit

Permalink
Update README.md
Browse files Browse the repository at this point in the history
  • Loading branch information
@dalpan
dalpan authored Jul 18, 2024
1 parent 57e6198 commit 864935e
Showing 1 changed file with 34 additions and 27 deletions.
61 changes: 34 additions & 27 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,33 +1,9 @@
# SubT | Subdomain Takeover Scanner
![image](Screenshoots/picture.png)

## Details
SubT is a Python tool designed to scan subdomains for potential takeover vulnerabilities based on CNAME and HTTP status codes. It checks each subdomain against a predefined list of vulnerable configurations stored in YAML files.
```
┌──(root㉿tegalsec)-[/home/van/Project/subt]
└─# python subt.py example.com
SubT is a tool to check if a subdomain is vulnerable to subdomain takeover. It uses `subfinder` to search for subdomains, `dig` to check CNAME, and `curl` to check status code.

██████████████████████████
█─▄▄▄▄█▄─██─▄█▄─▄─▀█─▄─▄─█
█▄▄▄▄─██─██─███─▄─▀███─███
▀▄▄▄▄▄▀▀▄▄▄▄▀▀▄▄▄▄▀▀▀▄▄▄▀▀
Subdomain Takeover Scanner
Author by Van | Tegalsec
--------------------------
[+] Checking subdomains for domain: example.com
hub.example.com [301] | Not vulnerable
creators.example.com [409] | vulnerable can be takeover! [cname.testimonial.to]
oneten.example.com [302] | Not vulnerable
video.example.com [404] | vulnerable can be takeover! [custom.gohire.io]
udacity.example.com [302] | Not vulnerable
tp-knowitgetit.example.com [404] | vulnerable can be takeover! [na-west1.surge.sh]
training.example.com [301] | Not vulnerable
forward-champions.example.com [301] | Not vulnerable
oneten-udacity.example.com [409] | vulnerable can be takeover! [cname.testimonial.to]
hello.example.com [302] | Not vulnerable
dashboard.example.com [302] | Not vulnerable
testimonial.example.com [301] | Not vulnerable
```
## Features
- **Subdomain Scanning**: Supports scanning subdomains from a file, a list of domains, or directly provided subdomains.
- **Vulnerability Detection**: Identifies subdomains vulnerable to takeover based on CNAME and HTTP status codes.
Expand Down Expand Up @@ -63,8 +39,39 @@ Scan Single Domain
```
python subt.py example.com
```
```
┌──(root㉿tegalsec)-[/home/van/Project/subt]
└─# python subt.py example.com
██████████████████████████
█─▄▄▄▄█▄─██─▄█▄─▄─▀█─▄─▄─█
█▄▄▄▄─██─██─███─▄─▀███─███
▀▄▄▄▄▄▀▀▄▄▄▄▀▀▄▄▄▄▀▀▀▄▄▄▀▀
Subdomain Takeover Scanner
Author by Van | Tegalsec
--------------------------
[+] Checking subdomains for domain: example.com
hub.example.com [301] | Not vulnerable
creators.example.com [409] | vulnerable can be takeover! [cname.testimonial.to]
oneten.example.com [302] | Not vulnerable
video.example.com [404] | vulnerable can be takeover! [custom.gohire.io]
udacity.example.com [302] | Not vulnerable
tp-knowitgetit.example.com [404] | vulnerable can be takeover! [na-west1.surge.sh]
training.example.com [301] | Not vulnerable
forward-champions.example.com [301] | Not vulnerable
oneten-udacity.example.com [409] | vulnerable can be takeover! [cname.testimonial.to]
hello.example.com [302] | Not vulnerable
dashboard.example.com [302] | Not vulnerable
testimonial.example.com [301] | Not vulnerable
```
### Contribution
Contributions are welcome! If you find any issues or have suggestions for improvement, please open an issue or submit a pull request. Make sure to follow the contribution guidelines.
If you discover a new vulnerable CNAME susceptible to subdomain takeover, feel free to create a new YAML file and upload it to the vulnerable/ folder. Please include accurate information about the CNAME and relevant status codes to ensure the vulnerability's validity.
```
cname: "custom.example.com"
status_code: 404
status: "vulnerable can be takeover!"
```

### License
This project is licensed under the MIT License - see the LICENSE file for details.
Expand Down

0 comments on commit 864935e

Please sign in to comment.