Reputation Alerts
Suspicious Redirects
What is it?
A suspicious redirect is a redirect that has changed. Redirects are tracked with each scan, and if the redirect chain changes e.g. to a malicious website, or doesn't match the expected pattern a warning for suspicious behavior is thrown.
Where is it detected?
- Website Security Monitor
Alert Levels
- YELLOW: redirects may not be triggered on any visit, they might also be set on purpose by the web administrator.
Recommended Action
Check if the redirect is leading to the correct target. If the target is known as malicious, remove the redirect if possible immediately.
DNS Takeover
What is it?
A potential DNS takeover vulnerability was found. This means that an attacker may take control of a DNS server for resolving your hostname. The attacker can change the DNS record(s) to a server that he/she owns.
This issue type results from a misconfigured server. Domain's DNS records are controlled by DNS servers that anyone can use, but no one within this service claims the domain.
To perform a takeover, the name server has to be one of the currently known vulnerable DNS services that can be found here:
https://github.com/indianajson/can-i-take-over-dns?ref=blog.projectdiscovery.io
Where is it detected?
- Website Security Monitor
Alert Levels
- YELLOW: A potential DNS takeover vulnerability was found in the DNS configuration of your scanned website.
Recommended Action
For more information, please check the following article:
https://blog.projectdiscovery.io/guide-to-dns-takeovers/
No Comments