Skip to content
This repository has been archived by the owner on Nov 25, 2022. It is now read-only.

Home

Jump to bottom
Tarun Koyalwar edited this page Feb 5, 2022 · 2 revisions

Welcome to the Sandman wiki!

This App vs AnyOther Note Taking App (Ex Notion,SwiftnessX etc)

There are already lot of Note Taking Apps that can be used to effectively takes notes and todo etc like SwiftnessX, Notion etc.

The Goal And Idea Behind this App is to Develop the best possible Intelligent Automation while maintaining its robustness and speed. App is divided into pages and section while keeping in mind the goal of automation . Since this app uses MongoDB for Backend we can effectively manage and store the data instead of creating project folders , files and then backing them up .

This is the First Release so Lot of Planned Content Has Not been Implemented Yet. The Most Important of them Include Following.

  • Editable MarkDown Support
  • Automation
    • Script Engine
      • Checkpoints
      • Multiprocessing
      • Scheduling
      • Regex , Pre and Post Processing
      • Resource Control (Docker)
    • Notify Support
  • Browser Extensions
  • Docker + Fyne Terminal

This App Also has an awesome cmd client app Matthew to store and retrieve data to UI App. It can be seamlessly integrated with your bash scripts / tools . It is similar to Linux Command tee

asserfinder abc.com | matthew web -s abc.com -t assetfinder --post

Structure

Each Section of This App is Named as Page . There are total of 12 Pages Excluding Web CheckLists and Org CheckLists .As seen in below Image.

All-subs

These pages are divided into 4 Sections .

- Program Summary

This Section Contains basic Info which we usually obtain From Program Page. In Future Releases This section will be autofilled by browser extensions when we visit program page of bug bounty program sites.

- Subdomain Enum

This Section Consists of All Subdomains We Found and Active Subdomains . It will automatically remove any duplicate entries . In Future Release a Plugin will be available which will use a dns resolver to filter out dead and alive domains.

- WayBack Urls

This Section Consists of All Urls We Found and Active Urls . It will automatically remove any duplicate entries . In Future Release a Plugin will be available which will use filter out dead alive Urls and get any juicy info from these urls.

- Notes and Stuff

This Section is for Note Taking and Storing Credentials we created while testing on programs etc.

- CheckLists

This Section consists of two pages Org CheckList and Web CheckLists

Org CheckList

This Page has checklist that is unique for each project . This Checklist is intended for programs with wider scope. where we need to do subdomain Enumeration finding acquisitions etc.

Web CheckList

This Page Obtains subdomains from active subdomains page and creates new checklist for each subdomain . It automatically converts cidr to ip addresses . This page has Organized View Which will group active subdomains based on tlds, Ip addresses based on their CIDR and other Ip addresses.

To View all subs Use <- button available to left of Web CheckList Header.

CheckList Structure

Each checklist entry has a CheckBox and progress bar uses these checkboxes for tracking progress . When any CheckList Entry is tapped we can see a payload section , notes section and tooloutput .

- Payload Section

This area will contain commands , one liners or bash scripts ex nmap -v -sC -sV -Pn @top1000ports @domain . @this are variables and will be managed by Scripting Engine . This Entire Payload Section Will also be managed by Scripting Engine Which will be in Future Releases . The Idea Behind this section is that When we start working on a program scripting engine will run payload section of all checklist entries and store results in ToolOUtput Section and we only need to analyze results (Or Something More can be done here)

- Notes Section

This Notes Section will consists of any personal notes we want to have with this specific CheckList Entry .

Payload and Notes Section Will Persist In each project and are tied to CheckList Entry

- ToolOutput

This section will only host the tool outputs returned from anytools we executed . This Data is tied to project so it will not persist for different project.

CheckList

CheckList Import & Export

By Default When Application Loads It Fetches Global Org CheckList (using name : orgdefault) and Global Web CheckList (using name: default) . If Not Found App Uses Embedded template as sample data. For Any Project After Updating Your CheckList If you want to Set it as Global Just Export CheckLists under their respective names (org CheckList : orgdefault) and (web checklist : default ) .

Clone this wiki locally