Commit 0db0b94f authored by bobloblaw's avatar bobloblaw
Browse files

Updates subdomain_takeover.md 

Auto commit by GitBook Editor
parent ffb9561b

SUMMARY.md

+1 −1
Original line number Diff line number Diff line
@@ -50,7 +50,7 @@ 
            * [Clickjacking](clickjacking.md)

            * [Broken Authentication or Session Management](broken_authentication_or_session_management.md)

            * [Text\/content-injection](text-injection.md)

            * [Subdomain takeover](subdomain_takeover.md)

            * [Subdomain Takeover](subdomain_takeover.md)

            * [Cross Site Request Forgery](cross_site_request_forgery.md)

            * [Cross-site-scripting](cross-site-scripting.md)

                * [Examples](examplesXSS.md)

subdomain_takeover.md

+4 −1
Original line number Diff line number Diff line 
# Subdomain takeover

# Subdomain Takeover



This is a really cool attack.



First you looks for all subdomains. Sometimes a company has forgotten about a subdomain. Like and old support system called `support.example.com`. And then the support-system that points to that domain gets removed. That means that we could start a service for support, and like it to that domain. And thereby controlling the domain.