This is a script that chains together various bug bounty tools to check for simple issues and build a set of resources to base manual testing on. It is a continual work in progress as I learn more.
The tools used are:
Subdomain enumeration:
Subdomain verification:
- massdns - confirm the subdomains resolve
- wildcheck - remove wildcard domains (e.g. *.example.com)
- httprobe - see which domains have responding web servers
Finding URLs:
- hakrawler - crawl the subdomains for links
- getallurls - get all known links from AlienVault, Wayback & Common Crawl
Checking for ...
Configuration settings can be put in config.py. The links above all have installation instructions, or you can take a look at my script update-kali for a more automated approach.