[dns-operations] Interesting tool to search for dangling records (AKA subdomain takeovers)

Doug Barton dougb at dougbarton.email
Wed Nov 16 05:37:26 UTC 2022


https://developer.yahoo.com/blogs/20221021/


Open Sourcing Subdomain Sleuth

Subdomain Sleuth is a new open source project built by the Yahoo DNS 
team, designed to help you defend your infrastructure against subdomain 
takeover attacks. This type of attack is especially dangerous for 
phishing attacks and cookie theft. It reads your zone files, identifies 
multiple types of possible takeovers, and generates a report of the 
dangerous records.

(trigger warning, it's written in Go)  :)


More information about the dns-operations mailing list