Hey all,
I help maintain dnsReaper which is a subdomain takeover tool. It's free, available on GitHub and docker and looks for domains vulnerable to domain takeovers.
Today we've added 2 new integrations!
Project discovery have a massive database of subdomains called CHAOS and you can now query and test domains in dnsReaper.
We've also added SecurityTrails, which also has a huge public subdomain list.
This means that you can just point dnsReaper at a bug bounty domain and let it run. There will be false positives for sure, but we have 61 signatures so hopefully there will be some nice easy findings too.
Our blog post on the new features is here:
https://punksecurity.co.uk/blog/dnsreaper_pd/
Our GitHub is over here:
https://github.com/punk-security/dnsReaper
It's a free tool that we built just to highlight this issue and educate. Please give it a star and share it, we'd appreciate it.
Overview
If you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.
We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.
Please reserve top level comments for those posting open positions.
Rules & Guidelines
Include the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.
You can see an example of acceptable posts by perusing past hiring threads.
Feedback
Feedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)