Second Order Subdomain Takeover Scanner Tool scans web applications for second-order subdomain takeover by crawling the application and collecting URLs (and other data) that match specific rules or respond in a specific way.
Using Second Order Subdomain Takeover Scanner Tool
Command line options:
Base link to start scraping from (default "http://127.0.0.1")
Configuration file (default "config.json")
Print visited links in real-time to stdout
Directory to save results in (default "output")
go run second-order.go -base https://example.com -config config.json -output example.com -concurrency 10
Config File for Second Order Subdomain Takeover Scanner Tool
Example configuration file included (config.json)
- Headers: A map of headers that will be sent with every request.