Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/edoverflow/contact.sh
An OSINT tool to find contacts in order to report security vulnerabilities.
https://github.com/edoverflow/contact.sh
bugbounty infosec osint security
Last synced: 5 days ago
JSON representation
An OSINT tool to find contacts in order to report security vulnerabilities.
- Host: GitHub
- URL: https://github.com/edoverflow/contact.sh
- Owner: EdOverflow
- License: mit
- Created: 2018-01-02T19:14:26.000Z (almost 7 years ago)
- Default Branch: master
- Last Pushed: 2020-01-27T13:38:08.000Z (almost 5 years ago)
- Last Synced: 2024-10-04T20:16:17.562Z (about 1 month ago)
- Topics: bugbounty, infosec, osint, security
- Language: Shell
- Size: 39.1 KB
- Stars: 266
- Watchers: 19
- Forks: 46
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
README
# contact.sh
An OSINT tool to find contacts in order to report security vulnerabilities.
# Installation
## 🐧 GNU/Linux
Make sure you have installed the `whois` and `jq` packages.
```
$ git clone https://github.com/EdOverflow/contact.sh.git
$ cd contact.sh/
$ chmod u+x contact.sh
$ ./contact.sh -d google.com -c google
```
## 🍎 OSX
```
$ brew install gnu-sed --with-default-names
$ brew install jq
$ git clone https://github.com/EdOverflow/contact.sh.git
$ cd contact.sh/
$ chmod u+x contact.sh
$ ./contact.sh -d google.com -c google
```
# Usage
```
$ ./contact.sh
_ _ __ _|_ _ _ _|_ _ |_
(_ (_)| | |_(_|(_ |_ o _> | |
---
by EdOverflow
[i] Description: An OSINT tool to find contacts in order to report security vulnerabilities.
[i] Usage: ./contact.sh [Options] use -d for hostnames (-d example.com), -c for vendor name (-c example), and -f for a list of hostnames in a file (-f domains.txt)
[i] Example: ./contact.sh -d google.com -c google
```
Use the `-d` flag when trying to find addresses linked to a domain. _contact.sh_ will return a "Confidence level" based on the source of the information retrieved. A security.txt file located on the domain will have a higher priority than a Twitter account on the company's website.
```
$ ./contact.sh -d google.com
```
The `-c` flag allows you to specify the company's name.
```
$ ./contact.sh -c google
```
If the company's name contains spaces, make sure to place the name inside quotes.
```
$ ./contact.sh -c "keeper security"
```
You can check a list of domains using the `-f` flag.
```
$ ./contact.sh -f domains.txt
```
For the best results, combine both flags as follows:
```
$ ./contact.sh -d google.com -c google
```
_contact.sh_ abides by the target's robots.txt file.
```
$ ./contact.sh -d linkedin.com
_ _ __ _|_ _ _ _|_ _ |_
(_ (_)| | |_(_|(_ |_ o _> | |
---
by EdOverflow
[+] Finding security.txt files
| Confidence level: ★ ★ ★
[!] The robots.txt file does not permit crawling this hostname.
[+] Checking HackerOne's directory for hostname
| Confidence level: ★ ★ ★
https://hackerone.com/linkedin
```
# Contributing
I welcome contributions from the public.
### Using the issue tracker 💡
The issue tracker is the preferred channel for bug reports and features requests.
### Issues and labels 🏷
The bug tracker utilizes several labels to help organize and identify issues.
### Guidelines for bug reports 🐛
Use the GitHub issue search — check if the issue has already been reported.