What would you like added?
The subdomain takeover guide is a bit dated and focuses on manually reviewing for takeovers. Testers validate manually but test automatically due to the wide variety of fingerprints and the error-prone nature of manual validation for takeovers.
I think the guide should be updated to focus on the typical workflow and the current state of tooling.
The typical workflow is along the lines of:
Subdomain enumeration
Detection via (open-source) tools
Validation (since it's a false-positive prone process)
What would you like added? The subdomain takeover guide is a bit dated and focuses on manually reviewing for takeovers. Testers validate manually but test automatically due to the wide variety of fingerprints and the error-prone nature of manual validation for takeovers.
I think the guide should be updated to focus on the typical workflow and the current state of tooling.
The typical workflow is along the lines of:
There are also quite a few tools, many unmaintained and most miss a lot of instances. Here's an engineering post analyzing existing tools while developing a new one.
This would require a relatively major rewrite of the page but I'm happy to help. Opinions welcome!
Would you like to be assigned to this issue?