Subjack is a Hostile Subdomain Takeover tool written in Go designed to scan a list of subdomains concurrently and identify ones that are able to be hijacked. With Go’s speed and efficiency, this tool really stands out when it comes to mass-testing. Always double check the results manually to rule out false positives.
[su_quote]go get github.com/haccer/subjack[/su_quote]
[su_quote]./subjack -w subdomains.txt -t 100 -timeout 30 -o results.txt -ssl[/su_quote]
[su_quote]-w domains.txt is your list of subdomains.
-t is the number of threads (Default: 10 threads).
-timeout is the seconds to wait before timeout connection (Default: 10 seconds).
-o results.txt where to save results to.
-ssl enforces HTTPS requests which may return a different set of results and increase accuracy.
-a skips CNAME check and sends requests to every URL. (Recommended)
-v verbose. Display more information per each request.[/su_quote]