Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains participating in bug bounty programs.
The script was tested on Python2.7 and Python3.6
Clone repo and install packages:
git clone https://github.com/nashcontrol/bounty-monitor.git pip install -r requirements.txt
Analyze the results
Log file created with all found subdomains to
all_subdomains.log and ones that are live and aged less than 90 days to
subdomains.db is initialized and maintained locally to keep track of identified live and known subdomains.
- bucket-stream - Find interesting Amazon S3 Buckets
- phishing_catcher - Catching malicious phishing domain names
- bug-bounty-list.txt - A list of bug bounty urls