Script written in bash that perpetually checks for subdomains of teh target domains at regular intervals to identify and notify the user as and when a new subdomain goes live. SubAlarm was created with the intent of assisting bug hunters and red teamers to be completely aware of all subdomains of the targeted domain(s).
I finally tried my hand at scripting and I'm pleased to say that I wrote this script based on the showcase of the subfinder, notify tool by @projectdiscovery on NahamSec's youtube channel over here https://youtu.be/wP3n1JnqtMU .
-
Golang should be installed
sudo apt install golang -y -
The nohup command should be available . It is by default installed as a part of the 'coreutils' package.
sudo apt install coreutils -
The GOPATH [/home/USERNAME/go/bin/] should be added to the $PATH environment variable
-
subfinder by projectdiscovery is to be installed
go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest -
notify by projectdiscovery is to be installed
go install -v github.com/projectdiscovery/notify/cmd/notify@latest -
-- Telegram bot made using @botfather on telegram and it's API Key and chat IDs
A. -- Instead of Telegram any of the providers mentioned here can be used
https://github.com/projectdiscovery/notify#provider-config. It goes to say that thealert_sub.shand thealertconfig.yamlfiles must be altered accordingly
-
Clone the repository
git clone https://github.com/kriptn/Subdomain-Alert-Bot/ -
Add the target domains in
targetdomainlist.txtA. Alternatively to target one single domain, the
-dLflag in line 8 can be replaced with-dfollowed by the target domain -
Run the below to execute the script and have it run in the background
$ nohup ./subalarm.sh > output.log 2>&1 &
-
The list of already identified subdomains are to pasted in
subop.txt. -
sort is used to alphabatically arrange the list of subdomains in
subop.txtto facilitate comparison -
subfinder is used to generate a list of subdomains of the target domain and are saved in
subop1.txtonce sorted alphabetically. -
diff is used in tandum with grep and sed to identify the differences and the output is saved to
newsubdomains.txt -
The notify tool is integrated with telegram in my interpretation.
-
Making use of the above integration the bot sends the user a notification alerting the user of the new domains identified
-
The first 5 lines of
config.yamlis used to createtemp.txtwhich then replacesconfig.yamlthereby reverting the changes. This enables the configuration file to be used for further iterations. -
Contents of
newsubdomains.txtis appended tosubop.txtand then further sorted to facilitate comparison -
The
runcount.txtis used to keep track of the number of iterations -
The script is ran along with the
nohupcommand as the prefix. I noticed that as an SSH session is closed the script no longer runs in the background despite having used&. The nohup command which is short for 'no hang up' prevents the processes from receving the signal to hang up. -
The entirety of the nohup output (including the std error) is redirected to output.log
-
The script runs at an interval of 60 minutes
To stop the script you can kill the process belonging to the script and the sleep command. The targetdomainlist.txt file can be updated during the interval to add new target domains. The identified domains can be removed from the telegram notification by removing {{data}} from line 13 of the alert_sub.sh The interval at which the script is run can be modified by modifying the number of seconds mentioned in line 22 of the alert_sub.sh
You can reach out to me on my Linkedin: https://www.linkedin.com/in/arjun-sankar-m/