Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/PentestPad/subzy

Subdomain takeover vulnerability checker
https://github.com/PentestPad/subzy

bugbounty cybersecurity security-research security-vulnerability subdomain-takeover

Last synced: 3 months ago
JSON representation

Subdomain takeover vulnerability checker

Host: GitHub
URL: https://github.com/PentestPad/subzy
Owner: PentestPad
License: gpl-2.0
Created: 2019-03-01T21:41:57.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2023-12-27T23:44:31.000Z (11 months ago)
Last Synced: 2024-05-19T06:06:12.006Z (6 months ago)
Topics: bugbounty, cybersecurity, security-research, security-vulnerability, subdomain-takeover
Language: Go
Homepage: https://www.pentestpad.com
Size: 6.59 MB
Stars: 876
Watchers: 22
Forks: 143
Open Issues: 4
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

WebHackersWeapons - subzy
awesome-hacking-lists - PentestPad/subzy - Subdomain takeover vulnerability checker (Go)

README

## Subzy

Subdomain takeover tool which works based on matching response fingerprints from [can-i-take-over-xyz](https://github.com/EdOverflow/can-i-take-over-xyz/blob/master/README.md)

![Subzy subdomain takeover](https://i.imgur.com/ggB8zKx.png "Subzy subdomain takeover")

### Installation

```bash
go install -v github.com/LukaSikic/subzy@latest
```

If `$GOBIN` and `$GOPATH` are [properly set](https://github.com/golang/go/wiki/SettingGOPATH#bash), execute the program as:

```bash
$ subzy --help
Subdomain takeover tool

Usage:
subzy [command]

Available Commands:
help Help about any command
run Run subzy
update Update local fingerprints.json file
version Print subzy version

Flags:
-h, --help help for subzy

Use "subzy [command] --help" for more information about a command.
```

If you get an error `exec format error: ./subzy`, you need to [install Golang](https://golang.org/doc/install) for your OS and compile the program by running `go build -o subzy main.go` which will generate new `subzy` binary file

### Options

Only required flag for `run` subcommand(`r` short version) is either `--target` or `--targets`

`--target` (string) - Set single or multiple (comma separated) target subdomain/s
`--targets` (string) - File name/path to list of subdomains
`--concurrency` (integer) - Number of concurrent checks (default 10)
`--hide_fails` (boolean) - Hide failed checks and invulnerable subdomains (default false)
`--https` (boolean) - Use HTTPS by default if protocol not defined on targeted subdomain (default false)
`--timeout` (integer) - HTTP request timeout in seconds (default 10)
`--verify_ssl` (boolean) - If set to true, it won't check site with invalid SSL

### Usage

Target subdomain can have protocol defined, if not `http://` will be used by default if `--https` not specifically set to true.

- List of subdomains
- ````./subzy run --targets list.txt````

- Single or multiple targets
- ```./subzy run --target test.google.com```
- ```./subzy run --target test.google.com,https://test.yahoo.com```

### Command aliases

Each `subzy` subcommand has its own short version. Running `subzy version` or `subzy v` is the same.

* run - r
* update - u
* version - v