Subdomain takeover tools


Subdomains can be vulnerable to a takeover attack when it is pointing to an external service (e.g. GitHub pages). This is the case when the destination of the CNAME has been removed. It will result in a redirect to a location that is most likely not configured properly. This allows an attacker to set up a page and hijack that subdomain.


Subdomain takeover tools are typically used for security assessment.


Pentesters, security professionals

Tools overview

ToolDescriptionLatest releaseScore
SubOverSubdomain takeover tool 64