https://github.com/0xcrypto/takeover

A script to test for subdomain takeovers from a list of domains
https://github.com/0xcrypto/takeover

bugbounty hacking subdomain-takeover

Last synced: 5 months ago
JSON representation

A script to test for subdomain takeovers from a list of domains

• Host: GitHub
• URL: https://github.com/0xcrypto/takeover
• Owner: 0xcrypto
• License: mit
• Created: 2021-05-10T10:40:23.000Z (about 5 years ago)
• Default Branch: develop
• Last Pushed: 2023-02-18T18:33:38.000Z (over 3 years ago)
• Last Synced: 2025-09-29T19:06:46.059Z (9 months ago)
• Topics: bugbounty, hacking, subdomain-takeover
• Language: Python
• Homepage: https://pypi.org/project/takeover.py
• Size: 38.1 KB
• Stars: 12
• Watchers: 1
• Forks: 1
• Open Issues: 3
• Metadata Files:
  • Readme: README.md
  • License: LICENSE.md

Awesome Lists containing this project

README

          
# takeover.py

A script to test for subdomain takeovers from a list of domains. Fingerprints are taken from https://github.com/EdOverflow/can-i-take-over-xyz.

[![Twitter](https://img.shields.io/twitter/url?style=social&url=https%3A%2F%2Fgithub.com%2F0xcrypto%2Ftakeover)](https://twitter.com/intent/tweet?text=Wow:&url=https%3A%2F%2Fgithub.com%2F0xcrypto%2Ftakeover)

## Installation

```

pip install takeover.py

```

After installation, make sure to configure the config.json file. You can also copy it from the github repository and use with `--config` flag.

## Usage

A single target

```

echo blog.example.com | takeover -

```

Multiple Targets:

```bash

subfinder -d "example.com" -silent | takeover -

# or

subfinder -d "example.com" -silent | takeover /dev/stdin

```

Notifications:

```bash

subfinder -d "example.com" -silent | takeover - --notify Discord

```

## Note

* The output is a lot verbose so it is recommended to use a third party webhook service like discord, slack to get notified. 

* Some fingerprints are not well formatted to be matched. For example, in WordPress, the fingerprint is `Do you want to register *.wordpress.com?`, however this is not an exact match and correct fingerprint should be `Do you want to register example.wordpress.com?`. To fix this, you can give your own file for fingerprints with either in `config.json` or with `--services` flag.

## Contribute

* Feel free to submit a PR or new issues on GitHub.

## License

[LICENSE.md](LICENSE.md)

## Disclaimer

An excerpt from the License: "IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE."