Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mathis2001/subpwnable
Are your (sub)domains pwnable ? SubPwnable is a simple Python tool designed to helps you answer this question.
https://github.com/mathis2001/subpwnable
bugbounty cname pentest subdomain-takeover
Last synced: 4 days ago
JSON representation
Are your (sub)domains pwnable ? SubPwnable is a simple Python tool designed to helps you answer this question.
- Host: GitHub
- URL: https://github.com/mathis2001/subpwnable
- Owner: mathis2001
- Created: 2022-07-06T14:59:22.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2022-07-08T13:15:09.000Z (over 2 years ago)
- Last Synced: 2023-03-05T04:03:34.183Z (over 1 year ago)
- Topics: bugbounty, cname, pentest, subdomain-takeover
- Language: Python
- Homepage:
- Size: 16.6 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# SubPwnable
Are your (sub)domains pwnable? SubPwnable is a simple Python tool designed to help you answer this question by finding your inactive subdomains and looking up their CNAME records. Then you will need to check if the service used in your CNAME record is vulnerable in the known services list.
## Install:
```bash
$ git clone https://github.com/mathis2001/SubPwnable
$ cd SubPwnable
$ python3 subpwnable.py
```
## Requirements:
- Python3
- Pip3
- dns.resolver
- requests
- cssselect
- lxml.html
- PrettyTable
## Usage:
```bash
usage: ./subpwnable.py [-h] [-d domain] [-l domains list]
```
## options:
```bash
optional arguments:
-h, --help show this help message and exit
-d DOMAIN, --domain DOMAIN Target a single domain
-l DOMAIN LIST, --list DOMAIN LIST Target a list of domains
```
## Screens:
