diff --git a/profiles/subdomain-takeovers.yml b/profiles/subdomain-takeovers.yml index 5591c8551b..a70812bc23 100644 --- a/profiles/subdomain-takeovers.yml +++ b/profiles/subdomain-takeovers.yml @@ -1,9 +1,21 @@ -# This is a configuration file for the subdomain takeover template profile. -# Additional configuration profiles can be created for different types of nuclei scans. -# They should be placed under the 'config' directory at: -# https://github.com/projectdiscovery/nuclei-templates -# Here is an example of how to use a config profile: -# nuclei -config config/osint.yml -list target_list_to_scan.txt +# Nuclei Configuration Profile for Subdomain Takeover Detection +# +# This configuration file is specifically tailored for detecting subdomain takeovers using Nuclei. +# +# Purpose: +# This profile is focused on identifying subdomain takeover vulnerabilities across different cloud service providers. +# Subdomain takeovers can occur when a DNS entry points to a deprovisioned or unclaimed cloud resource, potentially +# allowing an attacker to claim the resource and hijack the subdomain. +# +# Included Templates: +# This configuration references specific templates designed to detect subdomain takeover scenarios: +# - http/takeovers/: This directory contains general templates for detecting HTTP-based subdomain takeovers. +# - dns/azure-takeover-detection.yaml: This template specifically checks for subdomain takeovers on Microsoft Azure. +# - dns/elasticbeanstalk-takeover.yaml: This template specifically checks for subdomain takeovers on AWS Elastic Beanstalk. +# +# Running this profile +# You can run this profile using the following command : +# nuclei -profile subdomain-takeovers -u https://www.example.com templates: - http/takeovers/