Jump to content
YOUR-AD-HERE
HOSTING
TOOLS

Locked Sub404: check subdomain takeover vulnerability

itsMe

By MASTERitsMe
in Pentesting

 Share

Recommended Posts

itsMe Master Hacker

MASTERitsMe

Posted
Posted

This is the hidden content, please

Sub 404 is a tool written in python which is used to check the possibility of subdomain takeover vulnerability and it is fast as it is Asynchronous.

Why

During the recon process, you might get a lot of subdomains(e.g more than 10k). It is not possible to test each manually or with traditional requests or the urllib method as it is very slow. Using Sub 404 you can automate this task in a much faster way. Sub 404 uses aiohttp/asyncio which makes this tool asynchronous and faster.

How it works

Sub 404 uses subdomains list from a text file and checks for url of 404 Not Found status code and in addition, it fetches CNAME(Canonical Name) and removes those URL which has target domain name in CNAME. It also combines results from subfinder and sublist3r(subdomain enumeration tool) if you don’t have target subdomains as two is better than one. But for this sublist3r and subfinder tools must be installed in your system. Sub 404 is able to check 7K subdomains in less than 5 minutes.

Key Features:

– Fast( as it is Asynchronous)
– Uses two more tool to increase efficiency
– Saves result in a text file for future reference
– Umm that’s it, nothing much!

This is the hidden content, please

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.