Skip to content

Fricciolosa-Red-Team/crch

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

51 Commits

utils

utils

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

bbtargets.go

bbtargets.go

 
 

go.mod

go.mod

 
 

grabTargets.sh

grabTargets.sh

 
 

ignored.txt

ignored.txt

 
 

install.sh

install.sh

 
 

monitor.sh

monitor.sh

 
 

Repository files navigation

crch

Continuous Recon Continuous Hacking

Description 📖

It grabs all the second level domains in Bug Bounty programs (Hackerone, Intigriti, BugCrowd and YesWeHack), then it performes subdomains enumeration and check if there are new possible subdomain takeovers with nuclei and nuclei-templates. If there are, it will notify you using one or more than one among Telegram, Discord and Slack.

Note: It was designed to detect subdomain takeovers, but editing this line you can check for specific vulnerabilities (RCE, XSS, SQLi...).

Installation 📩

  • ./install.sh (Run without sudo, then it will ask for password)

Dependencies (installed with the install.sh script):

Usage 🚀

  • Edit the file ~/.config/notify/notify.conf with your keys/tokens.
  • ./grabTargets.sh
  • ./monitor.sh

License 📜

This repository is under GNU General Public License v3.0.

About

Continuous Recon Continuous Hacking

fricciolosa.com

Topics

continuous-testing bounty recon bugbounty cicd vulnerability-scanners reconnaissance subdomain-scanner subdomain-takeover subdomain-enumeration bugbounty-bot bugbounty-tool subdomains-enumeration

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

8 stars

Watchers

0 watching

Forks

2 forks
Report repository

Languages