0004551: subjack - Hostile Subdomain Takeover tool

ID	Project	Category	View Status	Date Submitted	Last Update

0004551	Kali Linux	Queued Tool Addition	public	2018-02-21 21:26	2020-06-17 14:57

Reporter	god	Assigned To
Priority	normal	Severity	minor	Reproducibility	N/A
Status	acknowledged	Resolution	open

Summary	0004551: subjack - Hostile Subdomain Takeover tool
Description	Name: subjack Version: v1.0 Homepage: https://github.com/haccer/subjack Download: https://github.com/haccer/subjack/archive/1.0.tar.gz Author: Cody Zacharias License: Apache License 2.0 ~ https://github.com/haccer/subjack/blob/master/LICENSE Description: subjack is a Hostile Subdomain Takeover tool written in Go designed to scan a list of subdomains concurrently and identify ones that are able to be hijacked via unclaimed cloud services. Dependencies: Go Similar tools: tko-subs, HostileSubBruteforcer -- neither are featured in Kali Activity: Project started in October 2017 and actively being maintained. How to install: go build subjack.go How to use: ./subjack -w domains.txt -t 100 -o results.txt -- The -w flag is for the wordlist of subdomains, -t flag is for threads, and the -o flag is where output gets written to. I believe there are no tools in Kali Linux similar to this or check for subdomains vulnerable to a Hostile Subdomain Takeover attack. This tool would be useful for pentesters and bug bounty hunters.

Date Modified	Username	Field	Change
2018-02-21 21:26	god	New Issue
2020-02-10 14:03	g0tmi1k	Note Added: 0012077
2020-02-10 14:03	g0tmi1k	Category	New Tool Requests => Queued Tool Addition
2020-02-13 14:23	g0tmi1k	Status	new => acknowledged
2020-06-17 14:57	g0tmi1k	Severity	feature => minor

g0tmi1k 2020-02-10 14:03 administrator ~0012077	@kali-team, please could this be packaged up. @author, If you want to help the packaging process, you can check the documentation here ~ https://www.kali.org/docs/development/public-packaging