Dashboard
Input Subdomains
Manually input subdomains for quick scanning and vulnerability checks.
Input ManuallyCheck Dangling IPs
Scan for dangling cloud IPs that could be vulnerable to takeover attacks.
Check IPsCheck Zone Transfer
Test for DNS zone transfer vulnerabilities that could expose domain data.
Check Zone TransferEnumerate Subdomains
Discover and scan subdomains for potential takeover vulnerabilities.
Enumerate SubdomainsRecent Activity
Subdomain scan completed
10 minutes ago
Zone transfer vulnerability detected
2 hours ago
Dangling IP check completed
Yesterday
Total Scans
128
Vulnerabilities
24
Subdomains
342
Takeovers
7
Recent Scan Results
| Domain | Type | Status | Date | Action |
|---|---|---|---|---|
| example.com | Zone Transfer | Vulnerable | 2023-06-15 | View Details |
| test.example.org | Subdomain Takeover | Secure | 2023-06-14 | View Details |
| api.example.net | Dangling IP | Warning | 2023-06-13 | View Details |
Upload Subdomains
Upload Options
Advanced Settings
Input Subdomains
Enter Subdomains
Enter the root domain to scan for subdomains
Enter one subdomain per line or paste a list
Scan Options
Quick Templates
Check Dangling IPs
Input Domain or IP Range
Enter a domain to check for dangling DNS records
Cloud Provider Options
Scan Results
Scan Summary
CompletedTotal IPs
256
Dangling IPs
12
Cloud Resources
18
Scan Time
1:24
| IP Address | Status | Cloud Provider | Resource Type | Actions |
|---|---|---|---|---|
| 192.168.1.24 | Dangling | AWS | EC2 Instance | View Details |
| 192.168.1.56 | Potential Risk | Azure | VM | View Details |
| 192.168.1.102 | Secure | GCP | Compute Engine | View Details |
No Scan Results Yet
Configure your scan options and click "Start Scan" to begin
Check Zone Transfer
Domain Input
Enter a domain to check for zone transfer vulnerabilities
Enter specific nameservers to check (one per line), or leave empty to auto-detect
Advanced Options
Optional: Use a specific DNS server for queries
DNS server port (default: 53)
Results
Scan Summary: example.com
CompletedNameservers
3
Vulnerable
1
Records
142
Scan Time
0:32
Nameserver Status
| Nameserver | Status | Records | Actions |
|---|---|---|---|
| ns1.example.com | Vulnerable | 142 | View Records |
| ns2.example.com | Secure | 0 | View Records |
| ns3.example.com | Secure | 0 | View Records |
Vulnerability Assessment
Zone Transfer Enabled
The nameserver ns1.example.com allows zone transfers, exposing all DNS records.
Information Disclosure
Sensitive subdomains and internal infrastructure details are exposed.
Reconnaissance Risk
Attackers can use this information for targeted attacks against your infrastructure.
No Zone Transfer Results Yet
Enter a domain and click "Check" to test for zone transfer vulnerabilities
Enumerate Subdomains
Target Configuration
Enter the root domain to enumerate subdomains
Enumeration Methods
Takeover Scanning
Results
Scan Summary: example.com
Discovered
127
Live
98
Takeover Risks
3
Progress
78%
Discovered Subdomains
| Subdomain | Status | IP Address | Service | Actions |
|---|---|---|---|---|
| api.example.com | Live | 192.168.1.1 | Nginx | View Details |
| dev.example.com | Takeover Risk | - | GitHub Pages | View Details |
| staging.example.com | Takeover Risk | - | Heroku | View Details |
| mail.example.com | Live | 192.168.1.2 | Exchange | View Details |
| old.example.com | Dead | - | - | View Details |
Takeover Vulnerabilities
GitHub Pages Takeover (dev.example.com)
CNAME points to username.github.io but the repository doesn't exist.
Heroku App Takeover (staging.example.com)
CNAME points to herokuapp.com but the application has been removed.
AWS S3 Bucket Takeover (assets.example.com)
CNAME points to s3.amazonaws.com but the bucket doesn't exist.
No Enumeration Results Yet
Configure your scan options and click "Start Enumeration" to begin