Simon spoke about subdomain hijacking at DTX!
Simon delivered his subdomain hijacking talk with a new twist. Why is DevOps making us more vulnerable?
DevOps is a fantastic enabler for businesses, and developers who embrace it find that they can innovate, iterate and deliver faster than ever before.
What we also see is an even greater adoption of SaaS services, cloud services and a devolution of control. This can lead to a higher rate of misconfiguration, which is what we have been seeing with the prevalence subdomain hijacking vulnerabilities.
The talk was pitched at developers, giving us a great opportunity to educate them on this novel attack technique. Simon walked through what DNS is, how these conditions can occur and what an attacker can do from this point. The talk was really well received and we had some great conversations afterwards.
We wrote a tool that businesses can use to audit themselves, called dnsReaper.
What does dnsReaper do?
dnsReaper is an auditing tool that detects subdomain takeover vulnerabilities in DNS lightning quick.
You can run it adhoc, continuously, or in a ci/cd pipeline.
Most existing subdomain takeover tools require you to provide the domain list, which is fine for bug bounty hunting but not for auditing your own DNS. dnsReaper can fetch your domains through multiple mechanisms, or you can feed it a list of domains. It then produces a model of your DNS records and runs them through over 60 signatures.