= Subdomain_takeover = <> <> [[/bounty]] A Guide To Subdomain Takeovers Hacker Resources https://www.hackerone.com/blog/Guide-Subdomain-Takeovers Subdomain Takeover 概観 https://diary.shift-js.info/subdomain-takeover/ Cristian Cornea Mar 16, 2022 · Top 25 Subdomain Takeover Bug Bounty Reports https://corneacristian.medium.com/top-25-subdomain-takeover-bug-bounty-reports-f6e386ba4413 Fastly Subdomain Takeover $2000 Bug Bounty — From zero to HERO https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f ---- https://github.com/EdOverflow/can-i-take-over-xyz/blob/master/README.md EdOverflow/can-i-take-over-xyz Can I take over XYZ? A list of services and how to claim (sub)domains with dangling DNS records. What is a subdomain takeover? Subdomain takeover vulnerabilities occur when a subdomain (subdomain.example.com) is pointing to a service (e.g. GitHub pages, Heroku, etc.) that has been removed or deleted. This allows an attacker to set up a page on the service that was being used and point their page to that subdomain. For example, if subdomain.example.com was pointing to a GitHub page and the user decided to delete their GitHub page, an attacker can now create a GitHub page, add a CNAME file containing subdomain.example.com, and claim subdomain.example.com. 危ないサービスのリストが続いている。