Is your code secure? Use this FREE tool (CodeSec) to find out: https://bit.ly/3tcPUQx
Hackers can EASILY take over websites using a technique known as subdomain takeover. The scary part is that it’s not that hard. In this video, NetworkChuck will demonstrate how hackers can take over subdomains using tools like Takeover, Amass and Dig.
TOOLS USED IN THIS VIDEO
—————————————————
– AMASS: https://github.com/OWASP/Amass (find subdomains)
-TakeOver: https://github.com/m4ll0k/takeover (subdomain takeover vulnerability scanner)
-Dig (apt install dig)
??Join Hackwell Academy!: https://ntck.co/NCAcademy
**Sponsored by Contrast Security
SUPPORT NETWORKCHUCK
—————————————————
??NetworkChuck membership: https://ntck.co/Premium
?? COFFEE and MERCH: https://ntck.co/coffee
Check out my new channel: https://ntck.co/ncclips
??NEED HELP?? Join the Discord Server: https://discord.gg/networkchuck
STUDY WITH ME on Twitch: https://bit.ly/nc_twitch
READY TO LEARN??
—————————————————
-Learn Python: https://bit.ly/3rzZjzz
-Get your CCNA: https://bit.ly/nc-ccna
FOLLOW ME EVERYWHERE
—————————————————
Instagram: https://www.instagram.com/networkchuck/
Twitter: https://twitter.com/networkchuck
Facebook: https://www.facebook.com/NetworkChuck/
Join the Discord server: http://bit.ly/nc-discord
0:00 ? Intro
0:18 ? How subdomain takeover works
1:59 ? Why Subdomain takeovers are dangerous
2:33 ? Make sure your code is secure using codesec!
4:06 ? find our targets subdomains using Amass
5:06 ? The username is not available
5:57 ? IT actually worked!!
6:17 ? Once you’re in github…
6:58 ? The same thing can happen with Azure
7:45 ? so how do you protect your website
AFFILIATES & REFERRALS
—————————————————
(GEAR I USE…STUFF I RECOMMEND)
My network gear: https://geni.us/L6wyIUj
Amazon Affiliate Store: https://www.amazon.com/shop/networkchuck
Buy a Raspberry Pi: https://geni.us/aBeqAL
Do you want to know how I draw on the screen?? Go to https://ntck.co/EpicPen and use code NetworkChuck to get 20% off!!
#Subdomaintakeover #Hacking #codesec