Subdomain Takeover via AWS Elastic Beanstalk with steps - Mohamed Haron

Mohamed Haron

This Personal Blog about Security and Writes-Up

Apr 25, 2020

Subdomain Takeover via AWS Elastic Beanstalk with steps


Subdomain Takeover via AWS Elastic Beanstalk 


This Takeover Required AWS Account 

Note :
This service from Amazon Aws maybe cost money per requests.

Video Poc :




Impact : This Takeover can be used for several purposes: Malware Phishing / Spear phishing XSS Authentication bypass .. etc.

Suggested fix : Clear your Subdomain DNS

----------------------------------------------------

No comments:

Post a Comment