Skip to content

Configuration: Domain Takeover¶

Identifier: frontend_domain_takeover

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner	ASM Scanner

Description¶

Domain takeover happens when attackers gain control of a domain because it's not properly managed, often due to expired services or misconfigured DNS settings, allowing attackers to redirect traffic or impersonate the legitimate site.

How we test: We check DNS records and subdomain configurations to detect if domains point to expired or unclaimed services. We verify if DNS settings are properly configured and if subdomains are vulnerable to takeover attacks that could allow attackers to control domain resolution.

Configuration¶

Example¶

Example configuration:

---
security_tests:
  frontend_domain_takeover:
    skip: false

Reference¶

`skip`¶

Type : boolean

Skip the test if true.