🔥 Release Highlights 🔥
We have just added the option of local or private fingerprint scanning.
You can scan using a fingerprint that only you know (private). and the scans are not uploaded to the website.
root@alice$ echo sub.redacted.com | httpx -silent | subdosec -pf localfinger.json -o /path/to/savevulndir
____ _ _
/ ___| _ _| |__ __| | ___ ___ ___ ___
\___ \| | | | '_ \ / _` |/ _ \/ __|/ _ \/ __|
___) | |_| | |_) | (_| | (_) \__ \ __/ (__
|____/ \__,_|_.__/ \__,_|\___/|___/\___|\___|
[WARNING] You are not using private mode; results will be public.
https://sub.redacted.com [100.00%] [surge.sh] [VULN] [SAVED]
Here for sample local fingerprint format:
root@alice$ cat localfinger.json
{
"fingerprints": [
{
"fid": 0,
"name": "Subdomain takeover - surge.sh",
"rules": {
"cname": "na-west1.surge.sh",
"title": "project not found",
"in_body": "project not found",
"status_code": "404"
},
"status_fingerprint": 0,
"reference": "https://sfl.gl/6hB8",
"service": "surge.sh",
"logo_service": "https://miro.medium.com/v2/resize:fit:1108/1*WNY7IHSxrkhp-x2VledO8A.png"
},
{
"fid": 1,
"name": "Subdomain takeover - Github",
"rules": {
"cname": "github.io",
"status_code": "404",
"in_body": "There isn't a GitHub Pages site here",
"title": "Site not found"
},
"status_fingerprint": 0,
"reference": "https://www.youtube.com/watch?v=Gn2Kq0w957Q",
"service": "github.io",
"logo_service": "https://pages.github.com/images/logo.svg"
},
.. add more
]
}