Skip to content

Fricciolosa-Red-Team/crch

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

51 Commits
utils
utils
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
bbtargets.go
bbtargets.go
 
 
go.mod
go.mod
 
 
grabTargets.sh
grabTargets.sh
 
 
ignored.txt
ignored.txt
 
 
install.sh
install.sh
 
 
monitor.sh
monitor.sh
 
 

Repository files navigation

crch

Continuous Recon Continuous Hacking

Description 📖

It grabs all the second level domains in Bug Bounty programs (Hackerone, Intigriti, BugCrowd and YesWeHack), then it performes subdomains enumeration and check if there are new possible subdomain takeovers with nuclei and nuclei-templates. If there are, it will notify you using one or more than one among Telegram, Discord and Slack.

Note: It was designed to detect subdomain takeovers, but editing this line you can check for specific vulnerabilities (RCE, XSS, SQLi...).

Installation 📩

  • ./install.sh (Run without sudo, then it will ask for password)

Dependencies (installed with the install.sh script):

Usage 🚀

  • Edit the file ~/.config/notify/notify.conf with your keys/tokens.
  • ./grabTargets.sh
  • ./monitor.sh

License 📜

This repository is under GNU General Public License v3.0.

About

Continuous Recon Continuous Hacking

fricciolosa.com

Topics

continuous-testing bounty recon bugbounty cicd vulnerability-scanners reconnaissance subdomain-scanner subdomain-takeover subdomain-enumeration bugbounty-bot bugbounty-tool subdomains-enumeration

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

8 stars

Watchers

0 watching

Forks

2 forks
Report repository

Languages