Working with Second-Order Tool
Example 1: Scanning w3wiki.org target domain
./second-order -target http://w3wiki.org -config config/takeover.json
In this example, we are using the takeover.json config file for subdomain takeover. We are scanning the target domain w3wiki.org.
Example 2: Using other config files
./second-order -target http://w3wiki.org -config config/parameters.json
In the below screenshot, we have the list of JSON config files that can be used for crawling purposes.
We are using the parameters.json config file.
We have got the URLs which consist of parameters.
Second-Order – Subdomain Takeover Scanner
The Second-Order tool is a cyber security-based tool that is used in the scanning of web applications for crawling the application and collecting the sensitive parameterized URLs and other data which match certain patterns and rules. This tool is developed in the Golang language and is available on the GitHub platform. This tool consists of various config files which are used for performing various crawling tasks and scanning tasks on the target domain.
Note: As Second-Order is a Golang language-based tool, you need to have a Golang environment on your system.
Contact Us