🤖Mastering Subdomain Takeovers

Here is a list of subdomain takeover resources along with their descriptions:

1. [Subdomain Takeover of help.bitstripsforschools.com](https://hackerone.com/reports/269109): This report details a subdomain takeover vulnerability found on help.bitstripsforschools.com.

2. [Subdomain Takeover via Unclaimed WordPress site](https://hackerone.com/reports/274336): This report describes a subdomain takeover vulnerability that occurred through an unclaimed WordPress site.

3. [Subdomain Takeover Through Expired Cloudfront Distribution | live.lamborghini.com](https://blog.securitybreached.org/2017/10/10/subdomain-takeover-lamborghini-hacked/): This blog post explains a subdomain takeover vulnerability that took place through an expired Cloudfront distribution on live.lamborghini.com.

4. [Hostile Subdomain Takeover tool written in Go](https://github.com/haccer/subjack): This is a tool called Subjack written in Go that helps identify and exploit subdomain takeover vulnerabilities.

5. [UBER Wildcard Subdomain Takeover](https://blog.securitybreached.org/2017/11/20/uber-wildcard-subdomain-takeover/): This blog post discusses a wildcard subdomain takeover vulnerability discovered in UBER.

6. [Subdomain Takeover](https://hackerone.com/reports/289051): This report describes a subdomain takeover vulnerability found on an undisclosed website.

7. [AWS S3 bucket - Subdomain takeover](http://www.tutorgeeks.net/2017/12/aws-s3-bucket-subdomain-takeover.html): This blog post explains a subdomain takeover vulnerability related to an AWS S3 bucket.

8. [MIT Subdomain Takeover](https://medium.com/@bluedangerforyou/mit-subdomain-takeover-65b1fe0f1347): This Medium article discusses a subdomain takeover vulnerability discovered at MIT.

9. [Second-order subdomain takeover scanner](https://github.com/mhmdiaa/second-order): This is a tool called Second-order that scans for second-order subdomain takeover vulnerabilities.

10. [Subdomain takeover at news-static.semrush.com](https://hackerone.com/reports/294201): This report details a subdomain takeover vulnerability found on news-static.semrush.com.

11. [SubdomainDB](https://github.com/smiegles/subdomainDB/): SubdomainDB is a self-hosted API that allows users to maintain their own subdomain database.

12. [SubOver - The Most Powerful Subdomain Takeover Tool Available](https://github.com/Ice3man543/SubOver/): SubOver is a powerful subdomain takeover tool designed to detect and exploit vulnerabilities.

13. [How I could make more than 1,700 Subdomain Takeovers on Amazon S3 in a few minutes](https://medium.com/@thebuckhacker/how-i-could-make-more-then-1-700-subdomains-takeovers-on-amazon-s3-in-few-minutes-8f6b27bffe0d): This Medium article describes a technique to perform numerous subdomain takeovers on Amazon S3.

14. [Subdomain takeover on developer.openapi.starbucks.com](https://hackerone.com/reports/275714): This report outlines a subdomain takeover vulnerability discovered on developer.openapi.starbucks.com.

15. [Hacker pro tip: when you takeover a subdomain on Heroku but the website still displays the "No such app" page, try to use an app in a different region](https://twitter.com/gwendallecoguic/status/966708730

- [$4500 Bounty — How I got lucky](https://medium.com/bugbountywriteup/4500-bounty-how-i-got-lucky-99d8bc933f75)
- [Subdomain takeover with Shopify, Heroku and something more](https://medium.com/@valeriyshevchenko/subdomain-takeover-with-shopify-heroku-and-something-more-6e9504da34a1)
- [Subdomain takeover on svcgatewayus.starbucks.com](https://hackerone.com/reports/325336)
- [Subdomain takeover on svcgatewaydevus.starbucks.com and svcgatewayloadus.starbucks.com](https://hackerone.com/reports/383564)
- [svcardproxydevus.starbucks.com Subdomain take over](https://hackerone.com/reports/380158)
- [Subdomain takeover on wfmnarptpc.starbucks.com](https://hackerone.com/reports/388622)
- [Subdomain Takeover: Yet another Starbucks case](https://0xpatrik.com/subdomain-takeover-starbucks-ii/)
- [Guide To Subdomain Takeovers](https://medium.com/@Hacker0x01/a-guide-to-subdomain-takeovers-ddebe0684a58)
- [Subdomain takeover at segway.shipt.com](https://hackerone.com/reports/389783)
- [Subdomain Takeover: Going beyond CNAME](https://0xpatrik.com/subdomain-takeover-ns/)
- [How to do 55.000+ Subdomain Takeover in a Blink of an Eye](https://medium.com/@thebuckhacker/how-to-do-55-000-subdomain-takeover-in-a-blink-of-an-eye-a94954c3fc75)
- [Subdomain Takeover worth 200$](https://medium.com/@alirazzaq/subdomain-takeover-worth-200-ed73f0a58ffe)
- [Subdomain Takeover via Unsecured S3 Bucket Connected to the Website](https://blog.securitybreached.org/2018/09/24/subdomain-takeover-via-unsecured-s3-bucket/)
- [Takeover script extracts CNAME record of all subdomains at once. TakeOver saves researcher time and increase the chance of finding subdomain takeover vulnerability.](https://github.com/samhaxr/TakeOver-v1)
- [Subdomain Takeover — New Level](https://medium.com/bugbountywriteup/subdomain-takeover-new-level-43f88b55e0b2)
- [Subdomain Takeover: Second Order Bugs](https://0xpatrik.com/second-order-bugs/)
- [Subdomain takeover [Awarded $200]](https://medium.com/@friendly_/subdomain-takeover-awarded-200-8296f4abe1b0)
- [Subdomain takeover on dev-admin.periscope.tv](https://hackerone.com/reports/531890)
- [subdomain take over at recommendation.algolia.com](https://hackerone.com/reports/673273)
- [Subdomain takeover of d02-1-ag.productioncontroller.starbucks.com](https://hackerone.com/reports/661751)
- [Subdomain takeover of datacafe-cert.starbucks.com](https://hackerone.com/reports/665398)