Continuous Recon Continuous Hacking
It grabs all the second level domains in Bug Bounty programs (Hackerone, Intigriti, BugCrowd and YesWeHack), then it performes subdomains enumeration and check if there are new possible subdomain takeovers with nuclei and nuclei-templates. If there are, it will notify you using one or more than one among Telegram, Discord and Slack.
Note: It was designed to detect subdomain takeovers, but editing this line you can check for specific vulnerabilities (RCE, XSS, SQLi...).
./install.sh(Run without sudo, then it will ask for password)
Dependencies (installed with the install.sh script):
- Edit the file
~/.config/notify/notify.confwith your keys/tokens. ./grabTargets.sh./monitor.sh
This repository is under GNU General Public License v3.0.