A tool to bruteforce nameservers when working with subdomain delegations to AWS. Based off Frans Rosén's talk "DNS hijacking using cloud providers - no verification needed"
- golang
- AWS IAM User with access to Route53
go get -u github.com/lc/brute53
root@doggos:~# brute53 -c ~/.aws/credentials -delay 2 -t vulnerable.example.com