{"id":59,"date":"2026-06-16T12:59:58","date_gmt":"2026-06-16T09:59:58","guid":{"rendered":"https:\/\/secradar.net\/blog\/subdomain-takeover-nedir\/"},"modified":"2026-06-16T12:59:58","modified_gmt":"2026-06-16T09:59:58","slug":"subdomain-takeover-nedir","status":"publish","type":"post","link":"https:\/\/secradar.net\/blog\/subdomain-takeover-nedir\/","title":{"rendered":"Subdomain Takeover Nedir? Sahipsiz Alt Alan Ad\u0131 Ele Ge\u00e7irme"},"content":{"rendered":"<p>\u015eirketlerin DNS kay\u0131tlar\u0131 zamanla birikir: bir blog i\u00e7in a\u00e7\u0131lan <code>blog.sirket.com<\/code>, bir kampanya i\u00e7in kurulan <code>promo.sirket.com<\/code>, test ama\u00e7l\u0131 bir <code>staging.sirket.com<\/code>\u2026 Bu servisler kapat\u0131ld\u0131\u011f\u0131nda \u00e7o\u011fu zaman <strong>DNS kayd\u0131 silinmeyi unutulur<\/strong>. \u0130\u015fte &#8220;subdomain takeover&#8221; tam da bu unutulmu\u015f kay\u0131tlar\u0131 hedefler.<\/p>\n<h2>Subdomain Takeover Nedir?<\/h2>\n<p>Subdomain takeover (alt alan ad\u0131 ele ge\u00e7irme), bir alt alan ad\u0131n\u0131n <strong>art\u0131k var olmayan<\/strong> bir \u00fc\u00e7\u00fcnc\u00fc-taraf servise i\u015faret etmesi durumunda, sald\u0131rgan\u0131n o servisteki bo\u015f kayna\u011f\u0131 kendi ad\u0131na kaydederek alt alan ad\u0131n\u0131n kontrol\u00fcn\u00fc ele ge\u00e7irmesidir. Sonu\u00e7: <code>blog.sirket.com<\/code> adresinde art\u0131k sald\u0131rgan\u0131n i\u00e7eri\u011fi yay\u0131nlan\u0131r \u2014 \u00fcstelik kurban\u0131n <em>kendi alan ad\u0131<\/em> ve \u00e7o\u011fu zaman ge\u00e7erli SSL sertifikas\u0131yla.<\/p>\n<h2>Nas\u0131l Olu\u015fur? (Dangling DNS)<\/h2>\n<p>Tipik senaryo \u015f\u00f6yle i\u015fler:<\/p>\n<ol>\n<li>Bir alt alan ad\u0131 i\u00e7in CNAME kayd\u0131 olu\u015fturulur: <code>blog.sirket.com \u2192 sirket.github.io<\/code> (GitHub Pages, Heroku, AWS S3, Azure, Netlify, Shopify vb.).<\/li>\n<li>Zamanla o servisteki kaynak (GitHub repo, Heroku app, S3 bucket\u2026) silinir.<\/li>\n<li>Ancak <strong>CNAME kayd\u0131 DNS&#8217;te kal\u0131r<\/strong> \u2014 art\u0131k hi\u00e7bir yere ba\u011fl\u0131 olmayan, &#8220;dangling&#8221; (sarkan) bir kay\u0131t.<\/li>\n<li>Sald\u0131rgan, ayn\u0131 serviste o ismi (\u00f6rn. <code>sirket.github.io<\/code>) yeniden kaydeder ve alt alan ad\u0131 art\u0131k onun kontrol\u00fcndedir.<\/li>\n<\/ol>\n<h2>Riskleri Ne?<\/h2>\n<ul>\n<li><strong>\u0130nand\u0131r\u0131c\u0131 phishing:<\/strong> Kurban\u0131n ger\u00e7ek alan ad\u0131 alt\u0131nda sahte giri\u015f sayfalar\u0131 bar\u0131nd\u0131r\u0131l\u0131r \u2014 kullan\u0131c\u0131lar adres \u00e7ubu\u011funda do\u011fru markay\u0131 g\u00f6rd\u00fc\u011f\u00fc i\u00e7in kolayca kanar.<\/li>\n<li><strong>\u00c7erez\/oturum \u00e7alma:<\/strong> Ana alan ad\u0131yla payla\u015f\u0131lan \u00e7erezler (<code>.sirket.com<\/code> kapsaml\u0131) ele ge\u00e7irilen alt alan ad\u0131ndan okunabilir.<\/li>\n<li><strong>Marka ve itibar zarar\u0131:<\/strong> Markan\u0131z alt\u0131nda zararl\u0131\/uygunsuz i\u00e7erik yay\u0131nlanabilir.<\/li>\n<li><strong>Ge\u00e7erli SSL ile me\u015fru g\u00f6r\u00fcn\u00fcm:<\/strong> Sald\u0131rgan, ele ge\u00e7irdi\u011fi alt alan ad\u0131 i\u00e7in Let&#8217;s Encrypt&#8217;ten sertifika al\u0131p HTTPS kilidini bile g\u00f6sterebilir.<\/li>\n<\/ul>\n<h2>Nas\u0131l Tespit Edilir?<\/h2>\n<p>Tespitin temeli, alt alan adlar\u0131n\u0131n CNAME hedeflerini taramak ve bu hedeflerin &#8220;sahipsiz&#8221; sinyallerini aramakt\u0131r: CNAME bilinen bir servise i\u015faret ediyor ama o kaynak <strong>NXDOMAIN<\/strong> d\u00f6n\u00fcyor ya da servisin &#8220;burada i\u00e7erik yok&#8221; parmak izini (\u00f6r. GitHub Pages i\u00e7in <em>&#8220;There isn&#8217;t a GitHub Pages site here&#8221;<\/em>) veriyorsa, o alt alan ad\u0131 ele ge\u00e7irmeye a\u00e7\u0131kt\u0131r.<\/p>\n<p><a href=\"https:\/\/secradar.net\/alt-alan-adi-bulucu\">SecRadar Alt Alan Ad\u0131 Bulucu<\/a> bu denetimi otomatik yapar: pasif kaynaklardan (Certificate Transparency, AXFR vb.) alt alan adlar\u0131n\u0131 ke\u015ffeder, her birinin CNAME&#8217;ini 18+ bilinen servise kar\u015f\u0131 kontrol eder ve <strong>&#8220;Subdomain Takeover Riski&#8221;<\/strong> bulgusunu g\u00fcven seviyesiyle (dangling \/ fingerprint do\u011frulamal\u0131) raporlar. Wildcard DNS&#8217;li alan adlar\u0131nda sahte pozitifler elenir.<\/p>\n<h2>Nas\u0131l Korunulur?<\/h2>\n<ul>\n<li><strong>Kapatma s\u0131ras\u0131n\u0131 tersine \u00e7evirin:<\/strong> Bir servisi kapat\u0131rken \u00d6NCE DNS kayd\u0131n\u0131 silin, SONRA servisteki kayna\u011f\u0131 kald\u0131r\u0131n.<\/li>\n<li><strong>Sarkan kay\u0131tlar\u0131 d\u00fczenli taray\u0131n:<\/strong> Hi\u00e7bir kayna\u011fa ba\u011fl\u0131 olmayan CNAME\/A kay\u0131tlar\u0131n\u0131 DNS&#8217;inizden temizleyin.<\/li>\n<li><strong>Envanter tutun:<\/strong> Hangi alt alan ad\u0131n\u0131n hangi servise i\u015faret etti\u011fini kay\u0131t alt\u0131nda tutun.<\/li>\n<li><strong>S\u00fcrekli izleyin:<\/strong> Yeni alt alan ad\u0131 olu\u015ftu\u011funda veya bir kay\u0131t sarkmaya ba\u015flad\u0131\u011f\u0131nda haberdar olun.<\/li>\n<\/ul>\n<h2>Sald\u0131r\u0131 Y\u00fczeyinizi G\u00f6r\u00fcn<\/h2>\n<p>Alan ad\u0131n\u0131z\u0131n alt alan adlar\u0131n\u0131 ve takeover risklerini g\u00f6rmek i\u00e7in <a href=\"https:\/\/secradar.net\/alt-alan-adi-bulucu\">Alt Alan Ad\u0131 Bulucu<\/a>, DNS kay\u0131tlar\u0131n\u0131z\u0131 incelemek i\u00e7in <a href=\"https:\/\/secradar.net\/dns-sorgulama\">DNS Sorgulama<\/a>, hangi alt alan adlar\u0131 i\u00e7in sertifika d\u00fczenlenmi\u015f g\u00f6rmek i\u00e7in <a href=\"https:\/\/secradar.net\/sertifika-gecmisi\">Sertifika Ge\u00e7mi\u015fi (CT)<\/a> ara\u00e7lar\u0131m\u0131z\u0131 kullanabilirsiniz. G\u00fcvenilir DNS ve alan ad\u0131 y\u00f6netimi i\u00e7in <a href=\"https:\/\/www.ihs.com.tr\/domain\/alan-adi-domain-tescili.html\" target=\"_blank\" rel=\"noopener\">\u0130HS Telekom alan ad\u0131 hizmetlerini<\/a> inceleyebilirsiniz.<\/p>\n<div style=\"background:#eef2ff;border:1px solid #c7d2fe;border-radius:12px;padding:16px;margin-top:24px\"><b>Sald\u0131r\u0131 y\u00fczeyinizi s\u00fcrekli izleyin.<\/b> <a href=\"https:\/\/secradar.net\/register\">SecRadar&#8217;a \u00fccretsiz \u00fcye olun<\/a>; yeni alt alan ad\u0131, DNS de\u011fi\u015fikli\u011fi ve SSL\/g\u00fcvenlik ba\u015fl\u0131\u011f\u0131 de\u011fi\u015fimlerinde Telegram veya e-posta ile otomatik uyar\u0131 al\u0131n.<\/div>\n","protected":false},"excerpt":{"rendered":"<p>\u015eirketlerin DNS kay\u0131tlar\u0131 zamanla birikir: bir blog i\u00e7in a\u00e7\u0131lan blog.sirket.com, bir kampanya i\u00e7in kurulan promo.sirket.com, test ama\u00e7l\u0131 bir staging.sirket.com\u2026 Bu servisler kapat\u0131ld\u0131\u011f\u0131nda \u00e7o\u011fu zaman DNS kayd\u0131 silinmeyi unutulur. \u0130\u015fte &#8220;subdomain takeover&#8221; tam da bu unutulmu\u015f kay\u0131tlar\u0131 hedefler. Subdomain Takeover Nedir? Subdomain takeover (alt alan ad\u0131 ele ge\u00e7irme), bir alt alan ad\u0131n\u0131n art\u0131k var olmayan bir &#8230; <a title=\"Subdomain Takeover Nedir? Sahipsiz Alt Alan Ad\u0131 Ele Ge\u00e7irme\" class=\"read-more\" href=\"https:\/\/secradar.net\/blog\/subdomain-takeover-nedir\/\" aria-label=\"Read more about Subdomain Takeover Nedir? Sahipsiz Alt Alan Ad\u0131 Ele Ge\u00e7irme\">Devam\u0131n\u0131 oku<\/a><\/p>\n","protected":false},"author":0,"featured_media":58,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-59","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guvenlik"],"_links":{"self":[{"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/posts\/59","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/comments?post=59"}],"version-history":[{"count":0,"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/posts\/59\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/media\/58"}],"wp:attachment":[{"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/media?parent=59"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/categories?post=59"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secradar.net\/blog\/wp-json\/wp\/v2\/tags?post=59"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}