Home

Awesome

tko-subs

This tool allows:

Disclaimer: DONT BE A JERK!

Needless to mention, please use this tool very very carefully. The authors won't be responsible for any consequences. By default, this tool does not allow taking over of subdomains. If you want to do it, just specify the -takeover flag.

Pre-requisites

We need GO installed. Once you have GO, just type go get github.com/anshumanbh/tko-subs to download the tool.

Once the tool is downloaded, type tko-subs -h.

The next thing we need to do is to get the following information:

NOTE - You only need these values if you want to take over subdomains. By default, that's not required.

Required Go Packages to build.

go get github.com/bgentry/heroku-go
go get github.com/gocarina/gocsv
go get github.com/google/go-github/github
go get github.com/olekukonko/tablewriter
go get golang.org/x/net/publicsuffix
go get golang.org/x/oauth2
go get github.com/miekg/dns

How to run?

Once you have everything installed, cd into the directory and type: tko-subs -domains=domains.txt -data=providers-data.csv -output=output.csv

If you want to take over as well, the command would be: tko-subs -domains=domains.txt -data=providers-data.csv -output=output.csv -takeover -githubtoken=<github-token> -herokuusername=<heroku-username> -herokuapikey=<heroku-api-key> -herokuappname=<heroku-app-name>

If you just want to check for a single domain, type: tko-subs -domain <domain-name>

If you just want to check for multiple domains, type: tko-subs -domain <domain-name-1>,<domain-name-2>

By default:

So, simply running tko-subs would run with the default values mentioned above.

How is providers-data.csv formatted?

name,cname,string,http

How is the output formatted?

Domain,CNAME,Provider,IsVulnerable,IsTakenOver,Response

If a dead DNS record is found, Provider is left empty. If a misbehaving nameserver is found, Provider and CNAME are left empty

What is going on under the hood?

This will iterate over all the domains (concurrently using GoRoutines) in the subdomains.txt file and:

Future Work

Credits

Changelog

5/27

11/6

9/22

6/25