Getting started
Knowledge hub
- Overview
-
-
- 34 M Wordlist Subdomain Brute Force
- Asn Based Network Scan
- Asset Discovery and Vulnerability Scanning
- Custom Subdomain Brute Force Wordlist From Ip Ranges
- Enumerate Cloud Resources
- Full Subdomain Enumeration
- Get Ips and Cnames
- Getdns
- Github Recon and Scanner
- Hostnames S3 Bucket Finder
- Simple Content Discovery
-
-
- amass
- anew
- apkurlgrep
- assetfinder
- cent
- cero
- cewl
- cloudenum
- crosslinked
- dnsdumpster-dns-lookup
- dnsdumpster-host-search
- dnstwist
- dnsvalidator
- dsieve
- dumpsterdiver
- eyeballer
- ffuf
- find-gh-poc
- findomain
- gau
- generate-yaml-report
- get-asn-prefixes
- get-trickest-output
- gf
- github-subdomains
- goaltdns
- gospider
- gotator
- hakcheckurl
- httprobe
- httpx
- infoga
- ipinfo
- jldc-subdomains
- katana
- mapcidr
- mass-linkfinder
- masscan
- massdns
- meg
- mksub
- naabu
- notify
- nrich
- nuclei
- oneforall
- puredns
- pymeta
- s3scanner
- securitytrails-subdomains
- spiderfoot
- sslyze
- subdomainizer
- subfinder
- tlsx
- uncover
- unfurl
- uro
- vita
- webanalyze-1
- webanalyze
- x8
Tutorials
- Creating a Workflow
- Downloading a Result
- Executing a Workflow
- How Do Machines Work
- Keeping Track of a Run
- Navigating in Workflow Editor
- Overview
- Saving a Workflow and History
- Scheduling a Workflow
- Using Workflows From Library
Concepts
Check For Subdomain Takeover
A subdomain takeover is a type of cyber attack in which an attacker is able to gain control of a subdomain that is no longer in use or has not been properly configured. This can allow the attacker to use the subdomain to host malicious content, phish for sensitive information, or perform other malicious activities.
Complexity: basic
Category: Vulnerability Scan & Management
Tools
Setup
You can set up this workflow by changing nuclei url-list input value:
- TARGETS - provide a file containing subdomains/hostnames list, as a target
Workflow Targets Setup
Execution and results
After setup workflow is ready to be executed. Once workflow’s last node, nuclei tool, is finished result can be viewed and downloaded.
nuclei tool will contain all of the possible subdomain takeovers.
nuclei stdout of subdomain takeover workflow
Try it out!
This workflow is available in the Library, you can copy it and execute it immediately!
Improve this workflow
- Add more nuclei takeover templates
- Get all DNS records and filter them in search for more attack vectors
- Execute nuclei through batch-output
- use notify to send newly found results via anew
Get a Video Demo
Fill out and submit this form to receive an in-depth video demo of the Trickest platform.
Talk To Sales
Fill out the form and we'll get back to you about any questions you have on our products, services, pricing, or scheduling a demo.