-
Hi Polymath Security Team,
I found that your website is suffering from subdomain takeover pointing to Unbounce pages but no such page is connected to the external server which is very dangerous.
…
-
The current manifest spec model treats subdomains as separate apps. This is a feature--domain owners may want to run multiple apps from their domain, or they may want to lease subdomains to others to …
-
## Service name
Microsoft Azure
## Proof
There is no general approach for PoC. Microsoft Azure offers multiple services (CloudApp, Azure Websites, etc.) that use different domain names.
Ge…
-
### Service Google Cloud DNS
### Status Vulnerable (as of July 2023)
### Nameserver
ns-cloud-**.googledomains.com
### Explanation
If a domain points to one of the nameservers listed abo…
ghost updated
3 months ago
-
I have found a subdomain sub.example.com
And the CNAME is pointing to 1234.github.io
When navigating to sub.example.com
It will show the 404 error
There isn't a GitHub Pages site here.
So I c…
-
- [x] Fuzzing wordlist https://github.com/reewardius/bbFuzzing.txt
- Added to onelistforallshort
- [ ] Arjun on deep mode?
- [ ] Recheck ffuf post processing cuz -ach apparently works wrong
- [ …
-
██╗ █████╗ ███████╗██╗ ██╗██████╗ ███████╗ ██████╗ ██████╗ ███╗ ██╗
██║ ██╔══██╗╚══███╔╝╚██╗ ██╔╝██╔══██╗██╔════╝██╔════╝██╔═══██╗████╗ ██║
██║ ███████║ ███╔╝ ╚████╔╝ ██████╔╝█…
-
**Title: Web Application Security Testing**
Bug url = https://dev-app.brink.trade/
Bug type = Server Security Misconfiguration > Misconfigure DNS > High Impact Subdomain Takeover
Priority= P…
-
Currently my team is using this tool to check for subdomain takeovers. We are running it every morning. You can imagine my disappointment when our BugBounty program received some subdomain takeover su…
-
## Service name
Amazon (AWS) S3
## Proof
Amazon S3 service is indeed vulnerable. Amazon S3 follows pretty much the same concept of virtual hosting as other cloud providers. S3 buckets might be co…