Subdomain takeover tools


Subdomains can be vulnerable to a takeover attack when it is pointing to an external service (e.g. GitHub pages). This is the case when the destination of the CNAME has been removed. It will result in a redirect to a location that is most likely not configured properly. This allows an attacker to set up a page and hijack that subdomain.


Subdomain takeover tools are typically used for security assessment.

Users for these tools include pentesters, security professionals.


SubOver (subdomain takeover tool)

security assessment

SubOver is considered a hostile tool to take over a subdomain. It can be used during pentesting and security assessments to discover unconfigured subdomains.

Missing a favorite tool in this list? Share a tool suggestion and we will review it.