Pentest Testing Corp

How to Check for Subdomain Takeover in Symfony

Subdomain takeover is a critical vulnerability that occurs when a DNS record points to a resource (like an S3 bucket or Heroku app) that has been deleted, but the DNS record still exists. Attackers can claim the resource and host malicious content on your subdomain.

In this guide, you'll learn how to check for subdomain takeover in Symfony, with real-world coding examples, free tools, and prevention tips.


For more cybersecurity insights, visit the Pentest Testing Blog.


๐Ÿ” Why Does Subdomain Takeover Happen?

It happens when:

  • You configure a CNAME to a cloud service (e.g., sub.domain.com → app.herokuapp.com).
  • You delete the app, but keep the DNS record.
  • An attacker claims app.herokuapp.com and hosts their own content.

This can lead to phishing, content injection, and brand damage.

📷 Screenshot: Free Website Vulnerability Scanner

Here's a screenshot of our Website Vulnerability Scanner, which you can use to scan your site for vulnerabilities, including misconfigured DNS:

Screenshot of the free tools webpage where you can access security assessment tools.

You can try it yourself at 👉 https://free.pentesttesting.com/


🧑‍💻 How to Detect Vulnerable Subdomains in Symfony

Below are actionable steps with Symfony-specific examples.


1️⃣ Scan Your Subdomains Programmatically

Symfony makes it easy to build console commands that automate tasks.
Here's an example Symfony command that lists and checks subdomains using the host command:

<?php
// src/Command/CheckSubdomainsCommand.php

namespace App\Command;

use Symfony\Component\Console\Attribute\AsCommand;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Process\Process;

// The #[AsCommand] attribute replaces the deprecated static $defaultName (Symfony 5.3+)
#[AsCommand(name: 'app:check-subdomains', description: 'Resolve each subdomain with host and report failures')]
class CheckSubdomainsCommand extends Command
{
    protected function execute(InputInterface $input, OutputInterface $output): int
    {
        // Replace with your own inventory, or load it from config / your DNS provider's API
        $subdomains = [
            'test.domain.com',
            'blog.domain.com',
            'shop.domain.com',
        ];

        foreach ($subdomains as $sub) {
            // Pass the arguments as an array: no shell is involved, so the hostname is never interpolated
            $process = new Process(['host', $sub]);
            $process->run();

            if (!$process->isSuccessful()) {
                // host exits non-zero on NXDOMAIN; its output names the record that failed
                $detail = trim($process->getOutput() . $process->getErrorOutput());
                $output->writeln(sprintf('<error>Failed to resolve %s: %s</error>', $sub, $detail));
            } else {
                $output->writeln(sprintf('<info>%s: %s</info>', $sub, trim($process->getOutput())));
            }
        }

        return Command::SUCCESS;
    }
}

Run it from the Symfony console:

php bin/console app:check-subdomains

Look for any NXDOMAIN responses, and for CNAMEs that point at services you no longer use.


2️⃣ Use Our Free Tool for Automated Scanning

You can use https://free.pentesttesting.com/ to instantly check your website.
It detects:

  • Unclaimed DNS records
  • Vulnerable subdomains
  • Misconfigured security headers

📷 Screenshot: Example Vulnerability Report

Here's a screenshot of a sample vulnerability report, which shows what the tool flags on a website:

An example of a vulnerability assessment report generated with our free tool, providing insights into possible vulnerabilities.


3️⃣ Symfony-Specific DNS Checks

If you want to integrate DNS resolution checks in your Symfony controllers for a dashboard, you can use PHP's dns_get_record:

// dns_get_record() returns false (and emits a warning) when the name does not resolve, so empty() covers both
// "no records" and "lookup failed". A name that still resolves to a shared platform passes this check, so
// confirm that the resource behind it is still yours.
$records = dns_get_record('test.domain.com', DNS_CNAME | DNS_A);
if (empty($records)) {
    throw new \Exception('No DNS records found – possible takeover risk!');
}
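The command in step 1 and the dns_get_record check in step 3 both stop at "does it resolve?". The service below, an added example that is not part of the original post, follows the CNAME and separates three cases a reviewer cares about: the name does not resolve at all, the alias target has no address records (a dangling record), and the target lives on a shared platform and must still be claimed by you. The class name, file path, the list of third-party suffixes and the injectable resolver are assumptions; it needs PHP 8.0+.

```php
<?php
// src/Service/SubdomainAuditor.php (path assumed; added example, not part of the original post)
declare(strict_types=1);

namespace App\Service;

final class SubdomainAuditor
{
    /** @var callable Resolver with dns_get_record()'s signature; injectable so tests can run offline */
    private $resolver;

    /** @param string[] $thirdPartySuffixes Assumed list of platforms where the resource must still be yours */
    public function __construct(
        private array $thirdPartySuffixes = ['.herokuapp.com', '.s3.amazonaws.com', '.github.io'],
        ?callable $resolver = null,
    ) {
        $this->resolver = $resolver ?? 'dns_get_record';
    }

    /** @return array{host: string, status: string, target: ?string} */
    public function audit(string $host): array
    {
        $records = ($this->resolver)($host, DNS_CNAME | DNS_A | DNS_AAAA) ?: [];
        if ($records === []) {
            // NXDOMAIN or resolver failure; a CNAME whose target is gone may land here as well
            return ['host' => $host, 'status' => 'unresolvable', 'target' => null];
        }
        $target = null;
        foreach ($records as $record) {
            if ($record['type'] === 'CNAME') {
                $target = rtrim($record['target'], '.');
            }
        }
        if ($target === null) {
            return ['host' => $host, 'status' => 'ok', 'target' => null];
        }
        // Classic dangling record: the alias exists but its target has no address records left
        if (!($this->resolver)($target, DNS_A | DNS_AAAA)) {
            return ['host' => $host, 'status' => 'dangling', 'target' => $target];
        }
        // Target still resolves but is hosted by someone else: verify the resource is still claimed by you
        foreach ($this->thirdPartySuffixes as $suffix) {
            if (str_ends_with($target, $suffix)) {
                return ['host' => $host, 'status' => 'third-party', 'target' => $target];
            }
        }
        return ['host' => $host, 'status' => 'ok', 'target' => $target];
    }
}
```

Wire it into the step 1 command in place of the host call and treat `unresolvable`, `dangling` and `third-party` as findings to review; passing a fake resolver closure lets you unit-test each branch without network access.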

🧯 How to Prevent Subdomain Takeover

✅ Regularly audit DNS records.
✅ Delete unused DNS entries.
✅ Claim resources (buckets, apps) before releasing domains.
✅ Use tools like our Free Website Security Scanner monthly.

We also offer professional help 👉 Web Application Penetration Testing


🚀 Offer Cybersecurity Services to Your Clients

If you're a web agency, MSP, or freelancer, you can white-label our security services for your clients.
Learn more here: Offer Cybersecurity Services


📬 Stay Updated

Don't miss our latest security guides and insights:
👉 Subscribe on LinkedIn


By regularly auditing your DNS and integrating Symfony checks, you can keep your domains secure from takeover attempts. For a full assessment, don't forget to use our free tool for a Website Security test!
