Skip to content
/ takeover Public

A tool for testing subdomain takeover possibilities at a mass scale.

License

Notifications You must be signed in to change notification settings

mzfr/takeover

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

33 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

I would recommend using NtHiM

takeover

Since Ice3man543 decided to discontinue the devlopment of their tool i.e SubOver, I thought it would be nice to revive this tool.

FAQs

Why?

The major reason behind reviving this tool would be to be able to perform subdomain takeover check on a mass scale. By mass scale I mean is that sometime what happens in that you have a program with a very large scope and loads of domains. Now if you're a monster than you'll have all the subdoma under a single file called domain.txt or something similar. But if you are a sane person than you'd like to keep all subdomains of a root domain in one file and this way there can be loads of files. So it would be better if we can just pass the path to the folder and relax.

Why not use one liner?

yeah I know that I can write a one liner combined with tools like nuclei or subjack but I kind don't want to :)

Why not use subjack?

I don't know why but I've had issue in installing subjack on digital ocean VPN. Whenever I try to pull it using go get it just hangs there. Also I am not sure if its under active development cause I noticed there are loads of pending issues and Pull requests.

Can I use different Providers list?

Currently no, but I plan to add this feature so like you can use file from subjack or if you make your own.

Options

  -d string
        directory having files of domains
  -https
        Force HTTPS connections
  -l string
        List of hosts to check takeovers on
  -p string
        Path of the providers file
  -t int
        Number of threads to use (default 20)
  -timeout int
        Seconds to wait before timeout (default 10)
  -v    Show verbose output

Usage

The usage is same as it was.

  • For hunting on the same list:
takeover -l <subdomain-list.txt>
  • For testing a directory with all the subdomain list
takeover -d <directory>

Make sure the directory doesn't have any other file otherwise the process will take extra time. Also the tool might crash(I'm still learning golang.)

Installation

You can download the binary from the release page. Also if you want you can clone this repository and build the binary yourself.

If you have go compiler installed then you can use go get github.com/mzfr/takeover.

NOTE: takeover uses provider.json file. So either have a file named providers.json in your current working directory you can provide the path via -p flag.

Acknowledgements and Credits

Thanks to Ice3man543 for making SubOver

Support

If you'd like you can buy me some coffee:

Buy Me A Coffee