Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/nashcontrol/bounty-monitor
Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains participating in bug bounty programs.
https://github.com/nashcontrol/bounty-monitor
Last synced: 22 days ago
JSON representation
Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains participating in bug bounty programs.
- Host: GitHub
- URL: https://github.com/nashcontrol/bounty-monitor
- Owner: nashcontrol
- License: mit
- Created: 2017-12-29T07:22:22.000Z (almost 7 years ago)
- Default Branch: master
- Last Pushed: 2022-12-07T23:44:47.000Z (about 2 years ago)
- Last Synced: 2024-08-05T17:39:10.444Z (4 months ago)
- Language: Python
- Homepage:
- Size: 26.4 KB
- Stars: 219
- Watchers: 9
- Forks: 50
- Open Issues: 5
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - nashcontrol/bounty-monitor - Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains participating in bug bounty programs. (Python)
README
# Bounty Monitor
Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains participating in bug bounty programs.![Demo](https://i.imgur.com/VpetOcb.png)
### Installation
The script was tested on Python2.7 and Python3.6Clone repo and install packages:
```sh
git clone https://github.com/nashcontrol/bounty-monitor.git
pip install -r requirements.txt
```### Usage
```
python bounty-monitor.py
```### Analyze the results
Log file created with all found subdomains to `all_subdomains.log` and ones that are live and aged less than 90 days to `live_subdomains.log`Subdomain database `subdomains.db` is initialized and maintained locally to keep track of identified live and known subdomains.
## Inspired by
1. [bucket-stream](https://github.com/eth0izzle/bucket-stream) - Find interesting Amazon S3 Buckets
2. [phishing_catcher](https://github.com/x0rz/phishing_catcher) - Catching malicious phishing domain names
3. [bug-bounty-list.txt](https://gist.github.com/Plazmaz/c615559f0d71168c831583778afdb0b9) - A list of bug bounty urlsLicense
----
MIT