Second Order Subdomain Takeover Scanner Tool scans web applications for second-order subdomain takeover by crawling the application and collecting URLs (and other data) that match specific rules or respond in a specific way.
Using Second Order Subdomain Takeover Scanner Tool
Command line options:
Base link to start scraping from (default « http://127.0.0.1 »)
Configuration file (default « config.json »)
Print visited links in real-time to stdout
Directory to save results in (default « output »)
go run second-order.go -base https://example.com -config config.json -output example.com -concurrency 10
Config File for Second Order Subdomain Takeover Scanner Tool
Example configuration file included (config.json)
- Headers: A map of headers that will be sent with every request.