Evidence-Based Subdomain Takeover Scanner
Scan For Subdomain Takeover Vulnerabilities
Evidence-Based Subdomain Takeover Scanning At Scale
With fingerprints for 50+ technologies (such as GitHub, Azure, AWS, etc.)!
Simulate Penetration Tester's Behaviour
Perform an automated series of effective tests to identify, exploit and verify a subdomain takeover vulnerability.
Blazing Fast
Scan multiple hosts concurrently with our multi-threaded scanners.
False-Positive Free
Our integrated <span className='text-indigo-600'>Validator Engine</span> drops false-positive rates to 0%.
Support For 50+ Technologies & Services
Our fingerprints list supports over 50+ third-party technologies and services, including GitHub, Azure, AWS, etc.
Detailed Reports
Receive detailed reports with actionable steps. Even for edge-cases requiring multiple steps from the end-user.
Instant Notifications
Receive instant notifications once an open redirect vulnerability is discovered. Regardless of the scans' progress status.
FAQ
Frequently asked questions
What technologies are supported?
What technologies are supported?
CNAME X detects subdomain takeover vulnerabilities across more than 50 different technologies and platforms.
What is meant with false-positive free?
What is meant with false-positive free?
CNAME X is developed to analyze DNS records of your target and check the server's HTTP response ensuring it provides an almost false positive and false negative free experience.
Can I scan multiple hosts at the same time?
Can I scan multiple hosts at the same time?
Yes, you can manually supply multiple hosts at the same time.
Additionally, you can also initiate a Deep Scan and automate the whole process from content discovery to scanning for CWE-16!