{"id":37143089,"url":"https://github.com/mdeous/dnscheck","last_synced_at":"2026-04-11T10:12:22.295Z","repository":{"id":162958840,"uuid":"416788290","full_name":"mdeous/dnscheck","owner":"mdeous","description":"Subdomain takeover assessment tool.","archived":false,"fork":false,"pushed_at":"2025-08-19T07:48:49.000Z","size":256,"stargazers_count":6,"open_issues_count":2,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-08-19T09:54:29.496Z","etag":null,"topics":["dns","security","subdomain-takeover"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mdeous.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2021-10-13T14:59:35.000Z","updated_at":"2025-08-19T07:45:36.000Z","dependencies_parsed_at":"2023-12-29T14:26:01.802Z","dependency_job_id":"cadff45e-31b2-4822-98f9-826735543396","html_url":"https://github.com/mdeous/dnscheck","commit_stats":null,"previous_names":[],"tags_count":13,"template":false,"template_full_name":null,"purl":"pkg:github/mdeous/dnscheck","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mdeous%2Fdnscheck","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mdeous%2Fdnscheck/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mdeous%2Fdnscheck/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mdeous%2Fdnscheck/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mdeous","download_url":"https://codeload.github.com/mdeous/dnscheck/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mdeous%2Fdnscheck/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28426457,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T16:38:47.836Z","status":"ssl_error","status_checked_at":"2026-01-14T16:34:59.695Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dns","security","subdomain-takeover"],"created_at":"2026-01-14T16:47:54.128Z","updated_at":"2026-01-14T16:47:54.886Z","avatar_url":"https://github.com/mdeous.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Build](https://github.com/mdeous/dnscheck/actions/workflows/build.yml/badge.svg)](https://github.com/mdeous/dnscheck/actions/workflows/build.yml)\n\n# dnscheck\n\n## Introduction\n\n`dnscheck` is a tool that reads a list of domains from a file and checks them for the following issues:\n\n- CNAME records pointing to an unclaimed resource (e.g. S3 bucket, GitHub pages, Azure CloudApp, etc.)\n- CNAME records pointing to an unregistered domain\n- Zone delegations pointing to an unclaimed zone\n\nDetection of CNAMEs pointing to unclaimed resources is based on the information available\nin [can-i-takeover-xyz](https://github.com/EdOverflow/can-i-take-over-xyz).\n\n## Yet another DNS takeover tool?\n\nYes! Because:\n\n1. I wanted to understand these vulnerabilities better, and what's better for that than writing a tool to detect them?\n2. I couldn't find a tool that I liked enough and that would check both dangling CNAMEs and zone takeovers.\n   (which doesn't mean such a tool doesn't exist!)\n\nIf you like this tool, use it  (I'll be happy if you do), if you want to improve it, please open\nan issue, or even better, submit a PR, and if you don't like it, a list of [alternatives](#alternatives) is provided\nbelow.\n\n## Usage\n\n### Installation\n\n#### From sources\n\nClone the repository and build the application:\n\n```shell\ngit clone https://github.com/mdeous/dnscheck\ncd dnscheck\nmake\n```\n\nYou can then use the `dnscheck` binary that has been generated in the repository folder.\n\nor\n\nInstall the application directly with Go:\n\n```shell\ngo install https://github.com/mdeous/dnscheck@latest\n```\n\nYou should then have `dnscheck` available in your `PATH` (assuming you have a properly configured Go environment).\n\n#### Pre-built binaries\n\nPre-built binaries for the most common architectures can be downloaded from the\nproject's [latest release page](https://github.com/mdeous/dnscheck/releases/latest).\nAfter downloading it, simply make the file executable and run it as described below.\n\n### Checking domains for vulnerabilities\n\nDomains to be checked can be provided either in bulk via a file passed to the `-D`/`--domains-file`\nargument, or as a single domain passed to the `-d`/`--domain` argument. For nore control over the scan\nbehavior, please refer to the other arguments as described below.\n\nHelp:\n\n```\n❯ ./dnscheck -h\nSubdomain takeover assessment tool\n\nUsage:\n  dnscheck [flags]\n  dnscheck [command]\n\nAvailable Commands:\n  completion  Generate the autocompletion script for the specified shell\n  help        Help about any command\n  version     Show program version\n\nFlags:\n  -d, --domain string         single domain to check\n  -D, --domains-file string   file containing domains to check (default \"domains.txt\")\n  -e, --edge-cases            include edge-case fingerprints (might cause false positives)\n  -f, --fingerprints string   custom service fingerprints file\n  -h, --help                  help for dnscheck\n  -o, --output string         file to write findings to\n  -s, --summary               show summary at the end of the scan\n  -t, --timeout uint          timeout for HTTP requests (default 10)\n  -v, --verbose               increase application verbosity\n  -w, --workers int           amount of concurrent workers (default 10)\n\nUse \"dnscheck [command] --help\" for more information about a command.\n```\n\nExample output:\n\n```\n❯ ./dnscheck -D domains.txt -e\n2023/07/31 22:43:01 - INFO - Multi domains mode (domains.txt)\n2023/07/31 22:43:01 - INFO - Edge-case rules enabled\n2023/07/31 22:43:01 - INFO - Checking vuln-beanstalk.something.io\n2023/07/31 22:43:01 - INFO - Checking vuln-airee.something.io\n2023/07/31 22:43:01 - INFO - Checking vuln-s3.something.io\n2023/07/31 22:43:01 - INFO - Checking vuln-unregistered.something.io\n2023/07/31 22:43:01 - INFO - Checking vuln-smartjobboard.something.io\n2023/07/31 22:43:01 - INFO - Checking vuln-createsend.something.io\n2023/07/31 22:43:01 - VULNERABLE DOMAIN - [service: AWS/Elastic Beanstalk] vuln-beanstalk.something.io -\u003e dkfjbgdf.us-east-1.elasticbeanstalk.com [type=dangling_cname_record method=cname_nxdomain] (confidence: high)\n2023/07/31 22:43:01 - VULNERABLE DOMAIN - [service: SmartJobBoard] vuln-smartjobboard.something.io -\u003e 52.16.160.97 [type=dangling_cname_record method=a_body_pattern] (confidence: high)\n2023/07/31 22:43:01 - VULNERABLE DOMAIN - [service: n/a] vuln-unregistered.something.io -\u003e fhjxbgisfubvgbgfusf.io [type=unregistered_domain method=soa_check] (confidence: unknown)\n2023/07/31 22:43:02 - VULNERABLE DOMAIN - [service: Campaign Monitor] vuln-createsend.something.io -\u003e 13.52.43.40,54.183.0.47,13.52.43.40,54.183.0.47,54.183.0.47,13.52.43.40 [type=dangling_cname_record method=body_pattern] (confidence: medium)\n2023/07/31 22:43:02 - VULNERABLE DOMAIN - [service: Airee.ru] vuln-airee.something.io -\u003e mdeous.airee.ru [type=dangling_cname_record method=cname_body_pattern] (confidence: high)\n2023/07/31 22:43:04 - VULNERABLE DOMAIN - [service: AWS/S3] vuln-s3.something.io -\u003e skhjfgbidkfgbisdkfghb.s3.amazonaws.com [type=dangling_cname_record method=cname_body_pattern] (confidence: high)\n2023/07/31 22:43:04 - INFO - Scan complete\n```\n\n## Alternatives\n\n- [can-i-takeover-xyz](https://github.com/EdOverflow/can-i-take-over-xyz)\n- [subjack](https://github.com/haccer/subjack)\n- [tko-sub](https://github.com/anshumanbh/tko-subs)\n- [domain-protect](https://github.com/ovotech/domain-protect)\n- [takeover](https://github.com/m4ll0k/takeover)\n- and [many more](https://www.google.com/search?q=%28dns+OR+domain%29+takeover+site%3Agithub.com)...\n\n## License\n\nThis project is licensed under the terms of the MIT License.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmdeous%2Fdnscheck","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmdeous%2Fdnscheck","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmdeous%2Fdnscheck/lists"}