Closed menzow closed 5 years ago
In addition to Traffic Manager profiles Cloud Services (.cloudapp.net) and Blob Storages (.blob.core.windows.net) are also vulnerable to Subdomain Takeovers. Which are not detected by SubOver.
Sorry for the late response, actually the public project is discontinued. Please check https://github.com/haccer/subjack. I am not maintaining this at the moment.
Traffic Manager lets you route traffic within Azure. Using cnames to xxx.trafficmanager.net it's sometimes possible to takeover such routing. Portal link: https://portal.azure.com/#create/Microsoft.WebSite
More info: https://azure.microsoft.com/en-us/services/traffic-manager/