SentinelDeck flags dangling subdomains vulnerable to takeover by matching service fingerprints in src/sentineldeck/scanners/takeover.py (the SERVICES list). Expanding coverage is a perfect first contribution.
What to do
- Pick one or more services not already covered, using https://github.com/EdOverflow/can-i-take-over-xyz (e.g. Shopify, Fastly, Ghost, Surge.sh, Tumblr, Webflow, Help Scout).
- Add an entry to
SERVICES with the CNAME pattern(s) and the response fingerprint string that indicates an unclaimed resource.
- Add or extend a case in
tests/test_takeover.py.
Acceptance
- New service entry + a test that proves it matches.
ruff check . and pytest -q pass.- Stays passive: detection is fingerprint-matching only, no claiming or exploitation.
Comment to claim it and ask any questions.
SentinelDeck flags dangling subdomains vulnerable to takeover by matching service fingerprints in
src/sentineldeck/scanners/takeover.py(theSERVICESlist). Expanding coverage is a perfect first contribution.What to do
SERVICESwith the CNAME pattern(s) and the response fingerprint string that indicates an unclaimed resource.tests/test_takeover.py.Acceptance
ruff check .andpytest -qpass.Comment to claim it and ask any questions.