[dns-operations] Interesting tool to search for dangling records (AKA subdomain takeovers)
Doug Barton
dougb at dougbarton.email
Wed Nov 16 05:37:26 UTC 2022
https://developer.yahoo.com/blogs/20221021/
Open Sourcing Subdomain Sleuth
Subdomain Sleuth is a new open source project built by the Yahoo DNS
team, designed to help you defend your infrastructure against subdomain
takeover attacks. This type of attack is especially dangerous for
phishing attacks and cookie theft. It reads your zone files, identifies
multiple types of possible takeovers, and generates a report of the
dangerous records.
(trigger warning, it's written in Go) :)
More information about the dns-operations
mailing list