A repository to host the subdomain wordlists from my blog "What I learnt from reading 217 subdomain takeover bug reports"
https://medium.com/@nynan/what-i-learnt-from-reading-217-subdomain-takeover-bug-reports-c0b94eda4366
There are four wordlists:
- internal.txt
- external.txt
- ambiguous.txt
- combined.txt
-
internal.txt contains all subdomains which were observed to be vulnerable and looked like they were intended to be internal.
-
external.txt contains all subdomains which were observed to be vulnerable and looked like they were intended to be used for public facing assets.
-
ambiguous.txt contains all subdomains which were observed to be vulnerable and I could not tell there purpose.
-
combined.txt is a file containing all of the above subdomains.
If you thought this was useful, a free way to support me would be to follow me on: