Security Test: Domain Takeover
Description
Domain takeover occurs when an attacker gains control of a domain due to misconfigurations, expired services, or DNS vulnerabilities. This allows the attacker to redirect traffic, impersonate the domain, and potentially steal sensitive information.
Remediation
- Remove or update DNS records that point to unused or expired domains.
- Implement strict access controls and regularly audit domain ownership.
- Use domain registrar features like domain locking to prevent unauthorized changes.
- Regularly monitor and renew domain registrations to prevent expiration.
- Implement security measures such as DNSSEC to protect DNS records.
- Conduct regular security assessments to identify potential domain vulnerabilities.
- Educate staff on the importance of domain security and best practices.
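One way to audit for the first remediation item, shown as an added example that is not part of Escape's own tooling: it reads a zone export, follows CNAME chains, and flags records whose final target no longer resolves. The zone contents, the function names and the injectable `resolves` callback are assumptions made for illustration.

```python
import socket

# Constructed sample zone export for illustration; not data from a real zone.
SAMPLE_ZONE = """\
www.example.test.      300 IN CNAME app.example.test.
app.example.test.      300 IN A     192.0.2.10
shop.example.test.     300 IN CNAME old-store.hosting.invalid.
docs.example.test.     300 IN CNAME docs-site.pages.invalid.
blog.example.test.     300 IN CNAME shop.example.test.
"""

def parse_zone(text):
    """Return {owner: (rtype, value)} for A/AAAA/CNAME lines of a zone export."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop zone-file comments
        fields = line.split()
        if len(fields) == 5 and fields[2] == "IN" and fields[3] in ("A", "AAAA", "CNAME"):
            records[fields[0].rstrip(".").lower()] = (fields[3], fields[4].rstrip(".").lower())
    return records

def system_resolves(hostname):
    """Default resolver check: True if the name currently resolves to an address."""
    try:
        socket.getaddrinfo(hostname, None)
        return True
    except socket.gaierror:
        return False

def find_dangling(records, resolves=system_resolves, max_hops=8):
    """Flag CNAME owners whose chain ends at a name that no longer resolves."""
    findings = []
    for owner, (rtype, value) in sorted(records.items()):
        if rtype != "CNAME":
            continue
        target, hops = value, 0
        # Follow CNAMEs defined in this zone; stop on external names or loops.
        while target in records and records[target][0] == "CNAME" and hops < max_hops:
            target, hops = records[target][1], hops + 1
        if hops >= max_hops:
            findings.append((owner, target, "cname-loop"))
        elif target in records:
            continue  # chain ends at an address record managed in this zone
        elif not resolves(target):
            findings.append((owner, target, "target-does-not-resolve"))
    return findings
```

A target that still resolves is not proof of ownership, because some hosting providers answer for unclaimed names, so each external CNAME target should also be matched against an inventory of services the organization actually holds.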
Frontend Specific
React
Ensure all components and dependencies are up-to-date and regularly audited for vulnerabilities.
Angular
Regularly update Angular dependencies to patch known vulnerabilities.
Vue
Regularly update Vue dependencies and audit for vulnerabilities.
Svelte
Regularly update Svelte dependencies and audit for vulnerabilities.
Ember
Regularly update Ember.js and its dependencies to patch known vulnerabilities and enhance security.
Backbone
Regularly update and patch the Backbone.js framework to mitigate vulnerabilities.
Preact
Regularly update Preact dependencies and audit for vulnerabilities.
Gatsby
Regularly update dependencies and plugins to mitigate security vulnerabilities in the Gatsby framework.
Blazor
Regularly update Blazor framework dependencies to patch security vulnerabilities.
Marko
Regularly update and patch the Marko framework engine to prevent vulnerabilities.
Mithril
Regularly update and patch the Mithril framework to protect against known vulnerabilities.
Configuration
Identifier:
configuration/domain_takeover
Examples
Ignore this check
Score
- Escape Severity:
Compliance
- OWASP: API8:2023
- OWASP LLM: LLM05:2023
- pci: 6.1
- gdpr: Article-32
- soc2: CC9
- psd2: Article-95
- iso27001: A.12.6
- nist: SP800-81-2
- fedramp: SC-20
Classification
- CWE: 284
Score
- CVSS_VECTOR: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- CVSS_SCORE: 3.0