Skip to content

Latest commit

 

History

History
36 lines (26 loc) · 1.63 KB

README.md

File metadata and controls

36 lines (26 loc) · 1.63 KB

crch

Continuous Recon Continuous Hacking

Description 📖

It grabs all the second level domains in Bug Bounty programs (Hackerone, Intigriti, BugCrowd and YesWeHack), then it performes subdomains enumeration and check if there are new possible subdomain takeovers with nuclei and nuclei-templates. If there are, it will notify you using one or more than one among Telegram, Discord and Slack.

Note: It was designed to detect subdomain takeovers, but editing this line you can check for specific vulnerabilities (RCE, XSS, SQLi...).

Installation 📩

  • ./install.sh (Run without sudo, then it will ask for password)

Dependencies (installed with the install.sh script):

Usage 🚀

  • Edit the file ~/.config/notify/notify.conf with your keys/tokens.
  • ./grabTargets.sh
  • ./monitor.sh

License 📜

This repository is under GNU General Public License v3.0.