subjack
Subjack is a Subdomain Takeover tool written in Go designed to scan a list of subdomains concurrently and identify ones that are able to be hijacked. With Go’s speed and efficiency, this tool really stands out when it comes to mass-testing. Always double-check the results manually to rule out false positives
Details
Category: Misconfiguration
Publisher: trickest
Created Date: 6/23/2021
Container: quay.io/trickest/subjack:49c51e5-patch-1
Source URL: https://github.com/haccer/subjack
Parameters
Command:
-d - DomainCommand:
-t - Number of concurrent threads (Default: 10).Command:
-v - Display more information per each request.Command:
-w - Wordlist file.Command:
-ssl - Force HTTPS connections (May increase accuracy (Default: http://).Command:
-c - Path to configuration file.Command:
-timeout - Seconds to wait before connection timeout (Default: 10).Command:
-a - Find those hidden gems by sending requests to every URL. (Default: Requests are only sent to URLs with identified CNAMEs)Command:
-m - Flag the presence of a dead record, but valid CNAME entry.