Should warn when CNAMEs are not resolvable

danielfett / yesses

yesses Security Configuration Scanner: Tool to enumerate domains and IPs and test those domains and IPs for basic network and web security properties.

GNU Affero General Public License v3.0

5 stars 3 forks source link

Should warn when CNAMEs are not resolvable #37

Open danielfett opened 4 years ago

danielfett commented 4 years ago

...to avoid subdomain takeover.

danielfett commented 4 years ago

https://www.eecis.udel.edu/~hnw/paper/ccs16a.pdf