anshumanbh / tko-subs

A tool that can help detect and takeover subdomains with dead DNS records
MIT License
741 stars, 137 forks

Check if subdomains have a CNAME record pointing to one of the CMS providers before checking if they are vulnerable #1

Closed mhmdiaa closed 7 years ago

mhmdiaa commented 7 years ago

The process should be:

  1. Check if the subdomain has a CNAME record.
  2. If the record points to one of the CMS providers, report it, and only then check if it's vulnerable. If it doesn't have a record, or the record points somewhere else, go on to the next subdomain.

This would bring 2 advantages:

  1. The whole process would be way faster, as for most subdomains only a DNS query is made, not a full blown HTTP request.
  2. You'll have a list of subdomains that point to these CMSs, but are not vulnerable at the moment. You can feed this list to another tool that checks these subdomains every once in a while (maybe an assetnote module).
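The two-step process proposed in this comment, written out as an added Go example (it is not tko-subs' own code and does not use its providers file). Step 1 is a CNAME lookup, step 2 filters on a provider suffix list and hands only the matches on for the HTTP check; everything else is dropped after the single DNS query. Assumptions: the `Resolver` type deliberately has the signature of `net.LookupCNAME` so a real run can pass that in, the `providerSuffixes` list is illustrative, and the zone data is a constructed snapshot so the example runs offline.

```go
package main

import (
	"fmt"
	"strings"
)

// Resolver returns the canonical name for host. net.LookupCNAME has this
// signature, so a real run can pass it directly; the example below uses a
// constructed map instead so it needs no network.
type Resolver func(host string) (string, error)

// Finding is a subdomain whose CNAME points at a known provider and which
// therefore deserves the HTTP vulnerability check (step 2 of the process).
type Finding struct {
	Subdomain string
	CNAME     string
	Provider  string
}

// providerSuffixes is an illustrative list (assumption for this example),
// not the tool's own providers file.
var providerSuffixes = []string{
	"github.io",
	"herokuapp.com",
	"s3.amazonaws.com",
}

// canonical lowercases a name and strips the trailing dot that DNS answers
// (and net.LookupCNAME) carry, so suffix matching is stable.
func canonical(name string) string {
	return strings.ToLower(strings.TrimSuffix(name, "."))
}

// matchProvider returns the provider suffix that target falls under, or "".
// The "." prefix keeps "evilgithub.io" from matching "github.io".
func matchProvider(target string) string {
	for _, s := range providerSuffixes {
		if target == s || strings.HasSuffix(target, "."+s) {
			return s
		}
	}
	return ""
}

// classify performs step 1 (CNAME lookup) and the filter in step 2. It returns
// ok=false when the host fails to resolve, has no CNAME, or points somewhere
// other than a listed provider; those hosts never get an HTTP request.
func classify(sub string, lookup Resolver) (Finding, bool) {
	target, err := lookup(sub)
	if err != nil {
		return Finding{}, false
	}
	sub, target = canonical(sub), canonical(target)
	// net.LookupCNAME returns the queried name itself when no CNAME exists.
	if target == "" || target == sub {
		return Finding{}, false
	}
	p := matchProvider(target)
	if p == "" {
		return Finding{}, false
	}
	return Finding{Subdomain: sub, CNAME: target, Provider: p}, true
}

// triage reduces a subdomain list to the candidates worth an HTTP check,
// preserving input order. This is also the "points at a provider, not yet
// known to be vulnerable" list the comment suggests re-checking periodically.
func triage(subs []string, lookup Resolver) []Finding {
	var out []Finding
	for _, s := range subs {
		if f, ok := classify(s, lookup); ok {
			out = append(out, f)
		}
	}
	return out
}

// mapResolver builds a Resolver from a constructed zone snapshot; a missing
// key behaves like NXDOMAIN.
func mapResolver(zone map[string]string) Resolver {
	return func(host string) (string, error) {
		if t, ok := zone[host]; ok {
			return t, nil
		}
		return "", fmt.Errorf("lookup %s: no such host", host)
	}
}

// Constructed sample data, not real records.
var sampleZone = map[string]string{
	"blog.example.com": "example.github.io.",    // CNAME to a listed provider
	"shop.example.com": "shop.example.com.",     // no CNAME: answer echoes the name
	"old.example.com":  "old-app.herokuapp.com", // CNAME to a listed provider
	"mail.example.com": "mx.otherhost.example.", // CNAME elsewhere
}

var sampleSubdomains = []string{
	"blog.example.com", "shop.example.com", "old.example.com",
	"mail.example.com", "missing.example.com",
}

func main() {
	for _, f := range triage(sampleSubdomains, mapResolver(sampleZone)) {
		fmt.Printf("%s -> %s (%s): needs HTTP check\n", f.Subdomain, f.CNAME, f.Provider)
	}
}
```

Only `blog` and `old` come out of `triage`; the other three cost one DNS query each and no HTTP request, which is the speed-up the comment describes. Swapping `mapResolver(sampleZone)` for `net.LookupCNAME` turns this into a live check against your own zone.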

anshumanbh commented 7 years ago

Very interesting feedback! I definitely agree that's the way to go and I will prolly get to changing the code at some point but not sure how soon that'll happen. Thanks for checking this out!

mhmdiaa commented 7 years ago

I'll try to add it myself when I have some time. Thanks for the very nice tool.

anshumanbh commented 7 years ago

PR made by @mhmdiaa and merged! Thanks again