# Subdomain Takeover Tools
[![Latest Package version](https://badge.fury.io/py/subdomain-takeover-tools.svg)](https://badge.fury.io/py/subdomain-takeover-tools)
[![Build status](https://img.shields.io/pypi/status/subdomain_takeover_tools.svg?maxAge=2592000)](https://pypi.python.org/pypi/subdomain_takeover_tools)
[![Supported versions](https://img.shields.io/pypi/pyversions/subdomain_takeover_tools.svg?maxAge=2592000)](https://pypi.python.org/pypi/subdomain_takeover_tools)
A set of tools to validate the initial outcome of [subtake](https://github.com/jakejarvis/subtake).
## Installation
1. Install using pip:
``pip install subdomain_takeover_tools``
for windows:
``py -m pip install subdomain_takeover_tools``
Alternatively, you can download or clone this repo and call ``pip install -e .``.
## Confirming takeovers
All scripts support the following two parameters:
- `--strict`: only report as vulnerable if the issue is not also applicable on `hostname.tld` and `www.hostname.tld`.
- `--inverse`: do inverse reporting, so report all subdomains that are not vulnerable
## Confirming S3
Subtake has some false positives on Google Cloud buckets as S3 buckets, also some access denied's end up in the results.
The script `confirm-s3.py` will make sure that the bucket is actually vulnerable.
```bash
grep "\[s3 bucket: " subtake-output.txt | confirm_s3
```
### Confirming ELB
Some patterns of elb are vulnerable while others are not, to filter them we can use our script:
```bash
grep "\[elasticbeanstalk: " subtake-output.txt | confirm_elb
```
*Note:* the parameter `--strict` is accepted here but will not lead to expected results.
### Confirming Shopify
It seems that
```bash
grep "\[shopify: " subtake-output.txt | confirm_shopify
```
## Separate tools
### Extracting domain names
As part of my process I want to know the domains involved in my findings.
Example usage:
```bash
< subtake-output.txt | cut -f3 | python3 extract_domain_names.py | sort -u > involved.domains
```
没有合适的资源?快使用搜索试试~ 我知道了~
温馨提示
共25个文件
py:15个
txt:5个
pkg-info:2个
资源分类:Python库 所属语言:Python 资源全名:subdomain_takeover_tools-0.6.0.tar.gz 资源来源:官方 安装方法:https://lanzao.blog.csdn.net/article/details/101784059
资源推荐
资源详情
资源评论
收起资源包目录
subdomain_takeover_tools-0.6.0.tar.gz (25个子文件)
subdomain_takeover_tools-0.6.0
PKG-INFO 3KB
subdomain_takeover_tools
confirm_azure_app_service.py 619B
confirm_azure_traffic_manager.py 1KB
confirm_s3.py 941B
extract_domain_names.py 227B
__init__.py 22B
authoritive_resolve.py 3KB
confirm_shopify.py 738B
helper
main.py 2KB
prepare.py 684B
__init__.py 0B
credential_wrapper.py 2KB
confirm_elb.py 528B
subdomain_takeover_tools.egg-info
PKG-INFO 3KB
requires.txt 80B
SOURCES.txt 919B
entry_points.txt 443B
top_level.txt 31B
dependency_links.txt 1B
tests
__init__.py 0B
test_extract_domain_names.py 99B
LICENSE 1KB
setup.cfg 38B
setup.py 4KB
README.md 2KB
共 25 条
- 1
资源评论
挣扎的蓝藻
- 粉丝: 13w+
- 资源: 15万+
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功