help@cyb4rgeek.xyz

+1 (512) 588 6950

Setting up your bug bounty scripts with Python and Bash — The subdomain monitoring bot

Home/Setting up your bug bounty scr...
Setting up your bug bounty scripts with Python and Bash — The subdomain monitoring bot
Linux machine (CMD)
Photo by Sai Kiran Anagani on Unsplash; Automation script
.
├── domains.txt
├── init.py
├── last.txt
├── main.sh
├── max.txt
├── runner.py
├── sorter.py
└── targets
├── abc.com
│   ├── new-subdomains.txt
│   └── subdomains.txt
└── xyz.com
├── new-subdomains.txt
└── subdomains.txt
import os

# Edit the line below to specify the number of domains to be scanned in a run
max_scans = 11

last_scanned_url = open(“last.txt”, ‘r’).read().replace(“\n”, ”)

length = 0

with open(“domains.txt”, “r”) as urls_file:
for url in urls_file:
url = url.replace(‘\n’, ”)
if url == last_scanned_url:
for i in range(max_scans):
next_url = urls_file.readline().replace(‘\n’, ”)
print(next_url)
length += 1
open(‘last.txt’, ‘w’).write(next_url)

if length < max_scans:
with open(“domains.txt”, ‘r’) as urls_file:
for url in urls_file:
url = url.replace(‘\n’, ”)
if length < max_scans:
print(url)
length += 1
open(‘last.txt’, ‘w’).write(url)

 

Video to sorter.py

Setting up slack channel

Click on add channels button
Giving the channel a name
Giving the channel a name
Create an app on https://api.slack.com
Creating a new app
Create an app with scratch
Select scratch here
Navigate to INCOMING WEBHOOKS
Incoming webhook
Incoming webhooks switched on
Switch incoming webhooks on
The screen to add new webhook
Slack webhook API
Grant the bot permission to send message
Allow the bot to send messages to slack channel with help of incoming webhook
cURL command
Get the cURL command for sending a slack message
Executing the command
Execute the command
Message in slack channel
And check your slack channel for the message

runner.py — The main script

import requests

def send_msg_to_slack(message):
# Get your webhook URL `Incoming Webhooks` page. It will be like
# https://hooks.slack.com/services/T04RRRRRRRR/B04RRRRRRRR/B55JREDACTEDREDACTEDAAAA
# The link above is just a random link
webhook_url = “<paste_your_webhook_URL_here>”
payload = {“text”: message}
requests.post(webhook_url, json=payload)

 

from os import system

def run_amass():
with open(“max.txt”, ‘r’) as file:
for target in file:
target = target.replace(“\n”, ”)
system(f”cd targets/{target}/ && amass enum -d {target} -o new-subdomains.txt”)

# read the old subdomain list and save it in old_subdomains
old_subdomains = []
with open(f”targets/{target}/subdomains.txt”, ‘r’) as old_subdomain_list:
for subdomain in old_subdomain_list:
subdomain = subdomain.replace(‘\n’, ”)
old_subdomains.append(subdomain)

# read the new subdomain list and save it in new_subdomains
new_subdomains = []
with open(“targets/{target}/new-subdomains.txt”, ‘r’) as new_subdomain_list:
for subdomain in new_subdomain_list:
subdomain = subdomain.replace(“\n”, ”)
new_subdomains.append(subdomain)

# compare them and send new ones to slack and
# also write them to old subdomain list
found_subdomains = [] # will store the unique subdomains/newly found
for subdomain in new_subdomains:
if subdomain in old_subdomains:
pass
else:
found_subdomains.append(subdomain)
if len(found_subdomains > 0):
msg = “The following new subdomains were found:-”
for subdomain in found_subdomains:
msg = msg + “\n” + subdomain
send_msg_to_slack(msg)
# now, write them to old subdomains file
to_write = open(f”targets/{target}/subdomains.txt”, ‘r’).read()
for subdomain in found_subdomains:
if to_write == “”:
to_write = subdomain
else:
to_write = to_write + “\n” + “”
open(f”targets/{target}/subdomains.txt”, ‘w’).write(to_write)

 

import os

with open(“init.txt”, ‘r’) as file:
for line in file:
line = line.replace(‘\n’, ”)
os.mkdir(f”targets/{line}”)
os.system(f’cd targets/{line}/ && amass enum -d {line} -o subdomains.txt’)
open(‘domains.txt’, ‘a’).write((“\n” + line))

 

python3 sorter.py > max.txt
python3 runner.py
00 01 * * * cd /path/to/your/bot/folder/ && ./main.sh

Leave a Reply