TransWikia.com

Filtering http responses for subdomain takeover

Information Security Asked by kirill .z on December 21, 2020

I try to automate a solution to check hosts for Subdomain takeover vuln. First I get all subdomain’s responses, then use the loop to checking keywords:

if grep -l 'Repository not found|The specified bucket does not exist|Github Pages site here|No such app|Sorry, this shop is currently unavailable|404 Blog is not found|is not a registered InCloud YouTrack' "$X"; then
    echo "$line" >> ./$1/$foldername/vulnerable.txt
fi

Do I need more specific keywords to catch subdomain takeover vuln inside http response bodies? Or something different at all?

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP