-
## Service name
Anima - https://www.animaapp.com/
## Proof
Created a PoC for a bug bounty report and it worked without any issues.
## Documentation
A Record:
subdomain.domain.com. 600 IN A 35.16…
-
## Service name
Heroku
## Proof
Heroku has same virtual hosting concept as other cloud providers. Various `*.herokudns.com` subdomain respond with the same set of A records. HTTP Host matters f…
-
## Service name
FreshDesk
## Proof
if the subdomain have an fingerprint and the cname is the same fingerprint
Yes the subdomain can be takeover !
FingerPrint
` We couldn't find support.exa…
-
## ElasticBeanstalk AWS service
## Proof
Found it 3 times in Private Program.
## Documentation
Same Steps here https://www.youtube.com/watch?v=srKIqhj_ki8
-
### Nuclei version: v3.3.0
## Nuclei command: nuclei -l subDomains -t ~/nuclei-templates/http/takeovers -rl 40
### Current Behavior: Nuclei currently indicates that a domain …
-
## Service name
GetResponse - https://www.getresponse.com/
## Vulnerable domain which can be takeover
![image](https://user-images.githubusercontent.com/209987/131318854-5435af63-9d24-4c35-86db-…
-
## Service name
.netdna-cdn.com
## Description
Is there a possibility to takeover sub-domains with CNAME pointing to .netdna-cdn.com or MaxCDN service possible?
-
is subdomain takeover on Marketo possible
-
## Service name
https://tilda.cc/
## Proof
https://hackerone.com/reports/894657
## Documentation
Subdomains which are pointing to tilda.cc,and has a unclaimed DNS record are vulnerable for su…
-
## Alibaba Cloud OSS
A subdomain pointing to unclaimed Alibaba OSS bucket via CNAME is vulnerable for takeover. The website will throw an error like this when the bucket doesn't exist.
![test](…