Security Breached Blog

| One step at a time There's no need to rush It's like learning to fly! |

Tag: Subdomain Takeover

Subdomain Takeover via Unsecured S3 Bucket Connected to the Website

Posted on September 24, 2018 by Muhammad Khizer Javed

Hey guys, so this blog is basically about an issue I found in a web where a missing file and an unsecured S3 bucket connected to that website gave me a way to take over that subdomain without a subdomain takeover vulnerability. So let’s begin. So I was testing a private program when I…

UBER Wildcard Subdomain Takeover | BugBounty POC

Posted on November 20, 2017 by Muhammad Khizer Javed

Hi all, so last month I decided to test Uber for fun & profit. While scanning for subdomains to target, I found a subdomain “design.uber.com”. While navigating to the subdomain it redirected me to another domain owned by Uber, that was https://www.uber.design/, so the domain was new for me as I haven’t seen that before…

What is Subdomain Hijack/Takeover Vulnerability? How to Identify? & Exploit It?

Posted on October 11, 2017 by Muhammad Khizer Javed

The post explains what the Subdomain Hijack/Takeover vulnerability is, what the impacts of the vulnerability are & how you can prevent such attacks. In addition to this, I tried my best to add a step-by-step guide about how to identify & exploit vulnerable subdomains using 5 different services that include Amazon Cloudfront, Heroku, Desk.com…

Bugcrowd’s Domain & Subdomain Takeover vulnerability!

Posted on October 10, 2017 by Muhammad Khizer Javed

Hey, I decided to write about this issue because I have seen some people are still confused about “Fastly error: unknown domain”. Many subdomains of BugBounty programs have this error on their subdomains, and people report it without claiming or trying to claim them. But if you try to claim such a subdomain it will ask…

Subdomain Takeover Through Expired Cloudfront Distribution | live.lamborghini.com

Posted on October 10, 2017 by Muhammad Khizer Javed

Hey guys! So I have to accept that I’m a huge fan of Lamborghini cars 👊 So I was just looking at their website lamborghini.com when I decided to scan subdomains of the website 😛 and I found a subdomain (live.lamborghini.com) that was showing an error like Cloudfront Error on live.lamborghini.com. So as I know and…

