Information security training experts from MindPoint Group, an information security firm, have hijacked over 2,000 subdomains from legitimate websites while researching possible vulnerabilities in Amazon’s CloudFront CDN service. Experts found that CloudFront’s CDN routing mechanism that linked a site’s domain and subdomains to a specific server contained a flaw that allowed attackers to point misconfigured […]
SubDomain Analyzer is a Python-based tool that allows you to gather detailed information about a selected domain. It gathers data from a domain by following these steps: Trying to get the zone transfer file. Gathers all information from DNS records. Analyzing the DNS records (Analyzing all IP’s addresses from DNS records and test class C […]
Anubis is a subdomain enumeration and information gathering tool. Anubis collates data from a variety of sources, including HackerTarget, DNSDumpster, x509 certs, VirusTotal, Google, Pkey, and NetCraft. Anubis also has a sister project, AnubisDB, which serves as a centralized repository of subdomains. Subdomains are automatically sent to AnubisDB – to disable this functionality, pass the […]
Listing subdomains about the main domain using the technique called Hacking with search engines. Usage usage: n4xd0rk.py [-h] [-d DOMAIN] [-i IP] -o OPTION -n SEARCH [-e EXPORT] [-l LANGUAGE] This script searchs the subdomains about a domain using the results indexed of Bing search. optional arguments: -h, –help show this help message and exit […]
Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu, and Ask. Sublist3r also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster, and […]
subjack is a Hostile Subdomain Takeover tool written in Go designed to scan a list of subdomains concurrently and identify ones that are able to be hijacked. With Go’s speed and efficiency, this tool really stands out when it comes to mass-testing. Always double check the results manually to rule out false positives. Installing You […]
Fierce is an open source active information gathering tool to identify subdomains of a target website. This tool was written by Robert Hansen. It’s a PERL script that quickly scans domains (usually in just a few minutes, assuming no network lag) using several tactics. The tool comes pre-installed by default in Kali Linux from Offensive-Security. The […]
The Kurdish defacer is known for defacing high-profile website with messages against the so-called Islamic State and the Republic of Turkey! A Kurdish hacker going by the online handle of MuhmadEmad hacked and defaced 4 sub-domain belonging to Dell, the world renowned multinational computer technology company. MuhmadEmad, who is a well-known voice of Kurdish people was last […]
From the following steps SubDomain-Analyzer gets data from a domain: Get the zone transfer file Gathers all the information from DNS records Analyzing DNS records Tests sub domains by dictionary attack sudo apt-get install python-dev python-pip sudo pip install -r requirements.txt easy_install prettytable Install Xcode Command Line Tool (From AppStore) sudo easy_install pip, prettytable sudo […]
Did you notice the pro-ISIS hackers are targeting high-profile websites without any restriction? Yesterday, we exclusively reported how the State Ministry for Euro-Atlantic Integration of Georgia, NATO website was hacked by The Islamic State hackers. Today, the same group has hacked and defaced the subdomain of Illinois-based Argonne National Laboratory website, owned and funded by the U.S. […]
Summary: Yesterday, it was the pro-Assad hackers from Syrian Electronic Army who took over the US Army website, today the pro-Palestinian hackers took over US Air Force domains — Both US Army and Airforce domains were hacked two days after Obama’s call for stronger cybersecurity for Americans. The Palestinian friendly hackers from AnonGhost hacked and defaced two […]
A group of hackers going with the handle of Indonesian Cyber Freedom has hacked and defaced a sub-domain of the United Nations website, just few hours ago. The targeted sub-domain belongs to GEF Small Grants Programme of the United Nations Development Programme (UNDP). Hackers left a deface page along with a message on the hacked UNDP domain. The […]
The famous Bangladeshi hackers from 3xp1r3 Cyber Army are back in action. This time the hackers hacked and defaced the sub-domain of the official Arizona Department of Emergency & Military Affairs (DEMA) on Feb 2nd, 2015. The targeted sub-domain belongs to AZARNG | Arizona Army National Guard (Environmental Division). Hackers left a deface page along with a message […]