Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/obheda12/MoneyScope

A Simple Tool to Pull Paid Bounty Scopes for Wide Recon Actvities
https://github.com/obheda12/MoneyScope

Last synced: 21 days ago
JSON representation

A Simple Tool to Pull Paid Bounty Scopes for Wide Recon Actvities

Host: GitHub
URL: https://github.com/obheda12/MoneyScope
Owner: obheda12
Created: 2021-02-21T23:10:52.000Z (almost 4 years ago)
Default Branch: main
Last Pushed: 2021-02-22T03:59:47.000Z (almost 4 years ago)
Last Synced: 2024-08-05T17:45:45.893Z (4 months ago)
Language: Shell
Size: 414 KB
Stars: 102
Watchers: 5
Forks: 21
Open Issues: 1
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-hacking-lists - obheda12/MoneyScope - A Simple Tool to Pull Paid Bounty Scopes for Wide Recon Actvities (Shell)

README

![Logo](https://github.com/obheda12/MoneyScope/blob/main/MoneyScopeResized.png)
# MoneyScope
MoneyScope is a simple tool that pulls program scope data from a variety of sources, filters for all bug bounty scopes with an actual payout, and then filters again to remove any fluff/formatting issues in order to provide you with a succint scope of paying bounty domains and TLDs

# Requirements
Please install the following tools and have them in your /usr/bin folder prior to running MoneyScope:

- https://github.com/hakluke/haktldextract
- https://github.com/stedolan/jq

If you do not have these tools installed, please run the install.sh script

# Data Resources
MoneyScope relies on the Chaos Project as well as the repository @Arkadiyt (https://github.com/arkadiyt/bounty-targets-data) which update their sources daily.

To date MoneyScope pulls data from:
- Chaos Database
- HackerOne
- Bugcrowd
- Intigriti
- YesWeHack
- Federacy Data
- Hackenproof Data

# Usage
The usage of MoneyScope is fairly simple. Specify a flag as specified in the usage guide and MoneyScope will pull data for relative to the flag you have specified within seconds.

# Examples
Pull Paid Bounty Data from All Sources
``` ./MoneyScope.sh -a ```

Pull Paid Bounty Data from Bugcrowd and Hackerone Only
``` ./MoneyScope.sh -bh ```

Pull Paid Bounty Data from YesWeHack, Hackerone, and Intigriti Only
``` ./MoneyScope.sh -yhi ```

# Output
MoneyScope will output data from paying bounty programs into 2 text files in your current working directory. The first file will be all the domains from the scope you specified. The second file be all the TLDs extracted from the domains you gathered using the tool by @hakluke (https://github.com/hakluke/haktldextract).

![Output](https://github.com/obheda12/MoneyScope/blob/main/MoneyScopeTerminalOutput.png)

## If you like MoneyScope and want to see more cool tools!

# Disclaimer
This project is made for educational and ethical testing purposes only. Usage of this tool for attacking targets without prior mutual consent is illegal. Developers assume no liability and are not responsible for any misuse or damage caused by this tool.