SubOver

LSE toolsLSE toolsSubOver (390)SubOver (390)

Tool and Usage

Project details

License
BSD 2-clause
Programming language
Golang
Author
Nizamul Rana
Latest release
1.2
Latest release date

Project health

60
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

SubOver is considered a hostile tool to take over a subdomain. It can be used during pentesting and security assessments to discover unconfigured subdomains.

How it works

The tool checks subdomains and determines if a CNAME record is used. If that is the case, it compares the CNAME value with a list of well-known providers. If there is a match, an HTTP GET request is made. The output of this page is compared with text strings for that provider that may indicate a default setup page. This is when the match is displayed to the user of the tool.

Background information

The project was originally created in Python, but later rewritten in Golang for performance and educational reasons by the author.

Usage and audience

SubOver is commonly used for security assessment. Target users for this tool are pentesters and security professionals.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + The source code is easy to read and understand
  • + The source code of this software is available

Weaknesses

  • - No releases on GitHub available

Author and Maintainers

SubOver is under development by Nizamul Rana.

Installation

Supported operating systems

SubOver is known to work on Linux.

SubOver alternatives

Similar tools to SubOver:

64

altdns

Altdns is a security tool to discover subdomains during pentesting. Read this review to learn how it works and how to use it.

60

SubFinder

SubFinder is a subdomain discovery tool. This can be useful to learn more about a particular target and available subdomains.

60

Sublist3r

Sublist3r is a security tool to scan a domain and attempt the discovery of underlying subdomains. This can be used during pentesting and security assessments.

All SubOver alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Categories

This tool is categorized as a subdomain scanner and subdomain takeover tool.

Related topics