View Issue Details

IDProjectCategoryView StatusLast Update
0004551Kali LinuxQueued Tool Additionpublic2024-04-30 08:33
Reportergod Assigned Todaniruiz  
Status resolvedResolutionfixed 
Summary0004551: subjack - Hostile Subdomain Takeover tool

Name: subjack
Version: v1.0
Author: Cody Zacharias
License: Apache License 2.0 ~
Description: subjack is a Hostile Subdomain Takeover tool written in Go designed to scan a list of subdomains concurrently and identify ones that are able to be hijacked via unclaimed cloud services.
Dependencies: Go
Similar tools: tko-subs, HostileSubBruteforcer -- neither are featured in Kali
Activity: Project started in October 2017 and actively being maintained.
How to install: go build subjack.go
How to use: ./subjack -w domains.txt -t 100 -o results.txt -- The -w flag is for the wordlist of subdomains, -t flag is for threads, and the -o flag is where output gets written to.

I believe there are no tools in Kali Linux similar to this or check for subdomains vulnerable to a Hostile Subdomain Takeover attack. This tool would be useful for pentesters and bug bounty hunters.




2020-02-10 14:03

administrator   ~0012077

@kali-team, please could this be packaged up.
@author, If you want to help the packaging process, you can check the documentation here ~



2024-04-30 08:33

manager   ~0019227

This tool is already packaged

Issue History

Date Modified Username Field Change
2018-02-21 21:26 god New Issue
2020-02-10 14:03 g0tmi1k Note Added: 0012077
2020-02-10 14:03 g0tmi1k Category New Tool Requests => Queued Tool Addition
2020-02-13 14:23 g0tmi1k Status new => acknowledged
2020-06-17 14:57 g0tmi1k Severity feature => minor
2024-04-30 08:33 daniruiz Note Added: 0019227
2024-04-30 08:33 daniruiz Assigned To => daniruiz
2024-04-30 08:33 daniruiz Status acknowledged => resolved
2024-04-30 08:33 daniruiz Resolution open => fixed