Skip to content
/ SubPwnable Public

Are your (sub)domains pwnable ? SubPwnable is a simple Python tool designed to helps you answer this question.

6 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mathis2001/SubPwnable

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
README.md
README.md
 
 
subpwnable.py
subpwnable.py
 
 

Repository files navigation

SubPwnable

Are your (sub)domains pwnable? SubPwnable is a simple Python tool designed to help you answer this question by finding your inactive subdomains and looking up their CNAME records. Then you will need to check if the service used in your CNAME record is vulnerable in the known services list.

Install:

$ git clone https://github.com/mathis2001/SubPwnable

$ cd SubPwnable

$ python3 subpwnable.py

Requirements:

  • Python3

  • Pip3

  • dns.resolver

  • requests

  • cssselect

  • lxml.html

  • PrettyTable

Usage:

usage: ./subpwnable.py [-h] [-d domain] [-l domains list]

options:

optional arguments:
  -h, --help            show this help message and exit
  -d DOMAIN, --domain DOMAIN   Target a single domain
  -l DOMAIN LIST, --list DOMAIN LIST   Target a list of domains

Screens:

tempsnip

tempsnip

tempsnip

image

About

Are your (sub)domains pwnable ? SubPwnable is a simple Python tool designed to helps you answer this question.

Topics

cname bugbounty pentest subdomain-takeover

Resources

Readme
Activity

Stars

6 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages