-
Service name
webflow
Website
https://webflow.com/
Report
https://hackerone.com/reports/399165
Subdomain takeover through webflow is possible but for creating POC you need a paid account …
-
## Service name
Gumfury
## Proof
https://khaledibnalwalid.wordpress.com/2020/06/25/gemfury-subdomain-takeover/
## Documentation
-
## Service name : Gitbook
## Proof:
1:
![Screenshot (14)_LI](https://user-images.githubusercontent.com/50272190/153820545-b3f0936c-0267-4d6d-83ba-b872ef45f1d0.jpg)
2:
![Screenshot (17)_LI](…
-
Some Help with Cargo Collective Subdomain Takeover
-
## Service name
Amazon Cognito
## Proof
1. Find a domain of form "*.auth..amazoncognito.com" referenced in some app where it NXDOMAIN's when resolved
2. Create a Cognito user pool on any AWS acc…
-
## Service name
Agile CRM - https://www.agilecrm.com/
## Proof
#### Error Message:
![screenshot](https://user-images.githubusercontent.com/25739266/79562825-41dce980-80c9-11ea-8708-491e3675aa4…
-
## [Helpscout](https://www.helpscout.com/)
## Proof
CNAME
## Documentation
1. Create an account on helpscout
2. Create a new knowledgebase
3. point the knowledgebase to the subdomain…
-
## Gohire.io
##
## Documentation
The CNAME record should be `custom.gohire.io` which gives the idea that they do not have domain authtification.
Simply create an account and goto hiring setti…
-
## HubSpot
## Proof
Example of https://hackerone.com/reports/38007
## Doc
I do the same takeover last 2 days so The vulnerability is still exist .
-
## Service name
LaunchRock offers service to create marketing pages.
## Proof
I was able to perform subdomain takeover in the private program on H1. The POC costed me a 9$ to buy the Premium plan…
ghost updated
3 months ago