subjack

Subjack is a Subdomain Takeover tool written in Go designed to scan a list of subdomains concurrently and identify ones that are able to be hijacked. With Go's speed and efficiency, this tool really stands out when it comes to mass testing. Always double-check the results manually to rule out false positives. Subjack will also check for subdomains attached to domains that don't exist (NXDOMAIN) and are available to be registered. No need for dig ever again! This is still cross-compatible too. You can use scanio.sh which is kind of a PoC script to mass-locate vulnerable subdomains using results from Rapid7's Project Sonar. This script parses and greps through the dump for desired CNAME records and makes a large list of subdomains to check with subjack if they're vulnerable to Hostile Subdomain Takeover. Of course, this isn't the only method to get a large amount of data to test.

Features

Custom fingerprint support
New Services (Re-added Zendesk && Added Readme, Bitly, and more)
Slight performance enhancements
Requires Go
Add subjack to your workflow
Subjack will also check for subdomains attached to domains that don't exist

Project Samples

Project Activity

See All Activity >

License

Apache License V2.0

Follow subjack

subjack Web Site

Other Useful Business Software

Stop Cyber Threats with VM-Series Next-Gen Firewall on Azure

Native application identity and user-based security for your Azure cloud

Gain integrated visibility across all traffic in a single pass. Deploy Palo Alto Networks VM-Series to determine application identity and content while automating security policy updates via rich APIs.

Get a free trial

Rate This Project

User Reviews

Be the first to post a review of subjack!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Related Categories

Go Frameworks

Registered

2023-01-27

Similar Business Software

React

React makes it painless to create interactive UIs. Design simple views for each state in your application, and React will efficiently update and render just the right components when your data changes. Declarative views make your code more predictable and easier to debug. Build encapsulated...

See Software
Webix

JavaScript UI library and framework for speeding up web development. JS Framework for cross-platform web Apps development 102 UI widgets and feature-rich CSS / HTML5 JavaScript controls. Save at least 3000+ development hours by using ready-made widgets and UI controls. Develop Web UI 30% faster....

See Software
Mithril.js

Mithril.js is a modern client-side JavaScript framework for building Single Page Applications. It's small (< 10kb gzip), fast and provides routing and XHR utilities out of the box. Mithril.js is used by companies like Vimeo and Nike, and open source platforms like Lichess. If you are an...

See Software
PHPixie

PHPixie is easy to learn and does not rely on automatic; you will always be in charge of what's happening. Designed for speed since first release and proven by independent benchmarks. Built using components that can be used without the framework. Linear execution flow, no static code, and low...

See Software
Expo

Expo is an open source platform that enables developers to create universal native apps using React. It offers a comprehensive ecosystem of tools and services designed to streamline the development, review, and deployment processes. With Expo, developers can initialize new projects or integrate...

See Software
Nancy

Welcome to Nancy, our main inspiration is the Sinatra framework for Ruby and, hence, Nancy was named after the daughter of Frank Sinatra. NancyFx is the name of the umbrella project that contains all the components. Nancy is a lightweight, low-ceremony, framework for building HTTP-based services...

See Software