Subdominator is an open source tool with a command line interface for identifying subdomain takeovers. This tool comes from StratusSecurity, an Australian security company. The source code is available at https://github.com/Stratus-Security/Subdominator
How to use it
Using the snap is pretty straight forward.
To quickly check a list of domains, simply run:
subdominator -l subdomains.txt -o takeovers.txt
Or to quickly check a single domain, run:
subdominator -d sub.example.com
Options
-d, --domain <domain> A single domain to check
-l, --list <list> A list of domains to check (line delimited)
-o, --output <output> Output subdomains to a file
-t, --threads <threads> Number of domains to check at once [default: 50]
-v, --verbose Print extra information
-eu, --exclude-unlikely Exclude unlikely (edge-case) fingerprints
--validate Validate the takeovers are exploitable (where possible)
--version Show version information
-?, -h, --help Show help and usage information
Thank you for your report. Information you provided will help us investigate further.
There was an error while sending your report. Please try again later.
You are about to open
Do you wish to proceed?
Snaps are applications packaged with all their dependencies to run on all popular Linux distributions from a single build. They update automatically and roll back gracefully.
Snaps are discoverable and installable from the Snap Store, an app store with an audience of millions.
Snap can be installed on elementary OS from the command line. Open Terminal from the Applications launcher and type the following:
sudo apt update
sudo apt install snapd
Either log out and back in again, or restart your system, to ensure snap’s paths are updated correctly.
To install subdominator, simply use the following command:
sudo snap install subdominator
Browse and find snaps from the convenience of your desktop using the snap store snap.
Interested to find out more about snaps? Want to publish your own application? Visit snapcraft.io now.
