diff --git a/subdomain-takeover/detect-all-takeovers.yaml b/subdomain-takeover/detect-all-takeovers.yaml index 9a463a21d7..66ff920e3f 100644 --- a/subdomain-takeover/detect-all-takeovers.yaml +++ b/subdomain-takeover/detect-all-takeovers.yaml @@ -2,7 +2,7 @@ id: detect-all-takeovers info: name: Subdomain takeover finder - author: pxmme1337 + author: melbadry9 severity: high # update this list with new takeovers matchers @@ -13,26 +13,347 @@ requests: path: - "{{BaseURL}}/" matchers-condition: or + matchers: - type: word name: pantheon.io words: - "The gods are wise, but do not know of the site which you seek." + - type: word name: aws-s3-bucket words: - "The specified bucket does not exist" + - type: word name: anima words: - "If this is your website and you've just created it, try refreshing in a minute" + - type: word name: ghost words: - "The thing you were looking for is no longer here, or never was" + - type: regex name: worksites regex: - "(?:Company Not Found|you’re looking for doesn’t exist)" - part: body + - type: word + name: landingi + words: + - It looks like you're lost + - The page you are looking for is not found + + - type: word + name: helprace + words: + - Alias not configured! + - Admin of this Helprace account needs to set up domain alias + - "(see Step 2 here: Using your own domain with Helprace)." + + - type: word + name: canny + words: + - Company Not Found + - There is no such company. Did you enter the right URL? + + - type: word + name: ngrok + words: + - ngrok.io not found + - Tunnel *.ngrok.io not found + + - type: word + name: github + words: + - There isn't a GitHub Pages site here. + - For root URLs (like http://example.com/) you must provide an index.html file + + - type: word + name: heroku + words: + - There's nothing here, yet. + - herokucdn.com/error-pages/no-such-app.html + - "No such app" + + - type: word + name: instapage + words: + - You've Discovered A Missing Link. Our Apologies! + + - type: word + name: tictail + words: + - Building a brand of your own? + - 'to target URL: Trying to access your account?" + - or + - 404 Not Found
+ + - type: word + name: statuspage + words: + - Better Status Communication + - You are being redirected + + - type: word + name: bitbucket + words: + - The page you have requested does not exist + - Repository not found + + - type: word + name: smartling + words: + - Domain is not configured + + - type: word + name: acquia + words: + - If you are an Acquia Cloud customer and expect to see your site at this address + - The site you are looking for could not be found. + + - type: word + name: uservoice + words: + - This UserVoice subdomain is currently available! + + - type: word + name: ghost + words: + - The thing you were looking for is no longer here + - The thing you were looking for is no longer here, or never was + + - type: word + name: tilda + words: + - Domain has been assigned + + - type: word + name: wordpress + words: + - Do you want to register + + - type: word + name: teamwork + words: + - Oops - We didn't find your site. + + - type: word + name: helpjuice + words: + - We could not find what you're looking for. + + - type: word + name: helpscout + words: + - 'No settings were found for this company:' + + - type: word + name: cargo + words: + - If you're moving your domain away from Cargo you must make this configuration + through your registrar's DNS control panel. + + - type: word + name: feedpress + words: + - The feed has not been found. + + - type: word + name: surge + words: + - project not found + + - type: word + name: surveygizmo + words: + - data-html-name + + - type: word + name: mashery + words: + - Unrecognized domain + + - type: word + name: intercom + words: + - This page is reserved for artistic dogs. + -

Uh oh. That page doesn’t exist.

+ + - type: word + name: webflow + words: + -

The page you are looking for doesn't exist or has been + moved.

+ + - type: word + name: thinkific + words: + - You may have mistyped the address or the page may have moved. + + - type: word + name: tave + words: + - "

Error 404: Page Not Found

" + + - type: word + name: wishpond + words: + - https://www.wishpond.com/404?campaign=true + + - type: word + name: aftership + words: + - Oops.

The page you're looking for doesn't + exist. + + - type: word + name: aha + words: + - There is no portal here ... sending you back to Aha! + + - type: word + name: brightcove + words: + - '

Error Code: 404

' + + - type: word + name: bigcartel + words: + - "

Oops! We couldn’t find that page.

" + + - type: word + name: activecompaign + words: + - alt="LIGHTTPD - fly light." + + - type: word + name: compaignmonitor + words: + - Double check the URL or