Subdomain takeover tools


Subdomains can be vulnerable to a takeover attack when it is pointing to an external service (e.g. GitHub pages). This is the case when the destination of the CNAME has been removed. It will result in a redirect to a location that is most likely not configured properly. This allows an attacker to set up a page and hijack that subdomain.


Subdomain takeover tools are typically used for security assessment.

Users for these tools include pentesters and security professionals.


Popular subdomain takeover tools

SubOver (subdomain takeover tool)

security assessment

SubOver is considered a hostile tool to take over a subdomain. It can be used during pentesting and security assessments to discover unconfigured subdomains.

Missing a favorite tool in this list? Share a tool suggestion and we will review it.

Related topics

Looking for more specific topics within this tool group? Have a look at the following relevant topics.