Subdomain Takeover via GitHub steps [ Point to IP Address ]

Subdomain Takeover via GitHub 
[ IP Address ]

in many cases we see github takeover only done from 

In this video I will show you 
that you can also Takeover a Subdomain
 if it show you GitHub finger Print error 
and DNS point to github IP Address

Note : Steps are the same of normal Takeover

Impact : This Takeover can be used for several purposes: Malware Phishing / Spear phishing XSS Authentication bypass .. etc.

Suggested fix : Clear your Subdomain DNS


Post a Comment