
Abstract
In the olden days, static websites were hosted on a server and the domain's DNS record pointed to the server's IP address. Applications are now far more complex and involve several cloud and SaaS services. Websites include several subdomains that are used to organize and navigate different parts of the main web application. This has expanded the threat landscape. One of the most common exploits in this class is subdomain takeover. A website is vulnerable to this exploit when the web content hosted on a cloud or SaaS service is deleted but the DNS entry pointing to it is not disabled or deleted. An attacker can then gain control over the subdomain and host malicious content. Lately, there has been an increase in the number of subdomain takeover exploits reported to organizations' vulnerability disclosure programs. It is therefore important to create awareness so that organizations can take precautions. This article describes several tools that can be used to automate the discovery of vulnerable subdomains so that appropriate mitigations can be applied.
Keywords: DNS, CNAME, domain name, subdomain, security risk, threat, exploit, vulnerability, automation.
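The condition described in the abstract (hosted content removed while the DNS entry remains) can be checked from the defender's side by comparing a zone's CNAME records with an inventory of resources that are still provisioned. The following is an added example, not code from the article or from any tool it describes; the zone `example.com`, the record names, and the `LIVE_RESOURCES` inventory are constructed assumptions.

```python
"""Audit a zone's CNAME records for targets that are no longer provisioned."""

# Constructed sample zone data for the hypothetical origin example.com.
ZONE = """\
; name   ttl class type  value
www      300 IN    A     192.0.2.10
shop     300 IN    CNAME shop-prod.cloudhost.example.
blog     300 IN    CNAME old-blog.cloudhost.example.
docs     300 IN    CNAME www
status   300 IN    CNAME status-page.saas.example.
"""

# Constructed inventory: external resources the organization still owns.
LIVE_RESOURCES = {"shop-prod.cloudhost.example", "status-page.saas.example"}


def _absolute(name, origin):
    """Expand a relative zone name; strip the trailing dot from absolute ones."""
    name = name.lower()
    return name[:-1] if name.endswith(".") else f"{name}.{origin}"


def parse_cnames(zone_text, origin):
    """Return {fqdn: target} for every CNAME record in the zone text."""
    records = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments, tokenize
        if len(fields) < 5 or fields[3].upper() != "CNAME":
            continue
        records[_absolute(fields[0], origin)] = _absolute(fields[4], origin)
    return records


def find_dangling(cnames, origin, live_resources):
    """List CNAMEs that leave the zone and point at a resource not in inventory."""
    findings = []
    for fqdn, target in sorted(cnames.items()):
        internal = target == origin or target.endswith("." + origin)
        if not internal and target not in live_resources:
            findings.append((fqdn, target))
    return findings


if __name__ == "__main__":
    cnames = parse_cnames(ZONE, "example.com")
    for fqdn, target in find_dangling(cnames, "example.com", LIVE_RESOURCES):
        print(f"dangling: {fqdn} -> {target} (remove record or restore resource)")
```
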
Introduction
DNS is considered the telephone directory of the internet. It maps human-readable domain names to the server IP addresses that a computer can process. If DNS did not exist, it would be very difficult to remember websites' names, as each would just be a....