Files & Folders
README.md
S-Over - Subdomain Takeover Scanner
S-Over is a powerful and highly concurrent subdomain takeover detection tool, built using Python's asyncio and aiohttp ecosystem. It uses DNS and HTTP fingerprinting to detect dangling or misconfigured subdomains that could potentially be hijacked by attackers.
Features
- ๐ Fast and asynchronous domain scanning
- ๐ต๏ธโโ๏ธ Supports both CNAME and A record detection
- ๐ HTTP content fingerprinting for over 50+ services
- ๐ก NXDOMAIN verification for dangling CNAMEs
- ๐ Optional output to JSON
- ๐๏ธ Custom concurrency and timeout settings
- ๐งช Rich terminal output (using Rich library)
- ๐ Debug mode for detailed inspection
Requirements
- Python 3.7+
- Dependencies:
aiohttpaiodnsrich
You can install the dependencies using:
pip install -r requirements.txtUsage
python s-over.py -f subdomains.txt -p fingerprints.json -c 100 -t 10 -o results.jsonOptions
| Option | Description |
|---|---|
-f |
File containing subdomains list |
-p |
JSON fingerprint file (default: fingerprints.json) |
-c |
Concurrency (default: 100) |
-t |
Timeout per HTTP request in seconds (default: 10) |
-o |
Save output to JSON file |
--debug |
Enable verbose debug mode |
Fingerprint Format
The fingerprints.json should contain an array of service entries like:
[
{
"service": "GitHub Pages",
"cname": ["github.io"],
"nxdomain": true,
"fingerprint": ["There isn't a GitHub Pages site here."]
}
]Sample
cat subdomains.txt | python s-over.py --debugLicense
This project is developed by HaxorSec - 2025 ยฉ. All rights reserved.
Disclaimer
This tool is intended for educational and authorized security testing purposes only. Use it responsibly.
Description
S-Over is a powerful and highly concurrent subdomain takeover detection tool, built using Python asyncio and aiohttp ecosystem. It uses DNS and HTTP fingerprinting to detect dangling or misconfigured subdomains that could potentially be hijacked by attackers.
Repository Info
Releases 0
No releases yet.