Skip to content

Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains participating in bug bounty programs.

License

Notifications You must be signed in to change notification settings

nashcontrol/bounty-monitor

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Bounty Monitor

Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains participating in bug bounty programs.

Demo

Installation

The script was tested on Python2.7 and Python3.6

Clone repo and install packages:

git clone https://github.com/nashcontrol/bounty-monitor.git
pip install -r requirements.txt

Usage

python bounty-monitor.py

Analyze the results

Log file created with all found subdomains to all_subdomains.log and ones that are live and aged less than 90 days to live_subdomains.log

Subdomain database subdomains.db is initialized and maintained locally to keep track of identified live and known subdomains.

Inspired by

  1. bucket-stream - Find interesting Amazon S3 Buckets
  2. phishing_catcher - Catching malicious phishing domain names
  3. bug-bounty-list.txt - A list of bug bounty urls

License

MIT

About

Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains participating in bug bounty programs.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published