sz3n/bug bounty monitor - assetnote installation

## bug bounty monitor - assetnote installation
Assetnote is a new subdomains supervision tools which allow for real-time notifications about
newlly added subdomains

The tool is especially usefull for bug bounty

As I'm starting playing in bug bounties the tool seems extremelly apealing
The project can be found at https://github.com/infosec-au/assetnote

# installation #
/** My VPS is runing Ubuntu LTS 14.04 **/
just follow the instructions in the very well detailled README file
the following cmd:
pip install -r requirements.txt
just does the magic

# difficulties encountered#
After firing up the "assetnote" service everything runs just fine, the web interface works well
However no subdomains are collected from "threatcrowd"
After a quick check, i found out the the HTTP GET request for threatcrowd's API didn't work correctlly. The following erros were received:

/usr/local/lib/python2.7/dist-packages/requests/packages/urllib3/util/ssl_.py:315: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can                                          cause validation failures. For more information, see https://urllib3.readthedocs.org/en/latest/secu                                         rity.html#snimissingwarning.
  SNIMissingWarning
/usr/local/lib/python2.7/dist-packages/requests/packages/urllib3/util/ssl_.py:120: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.rea                                         dthedocs.org/en/latest/security.html#insecureplatformwarning.
  InsecurePlatformWarning
[Errno 1] _ssl.c:510: error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error


After some googling it turned out to be due to a problem in "python version":
https://urllib3.readthedocs.org/en/latest/security.html#snimissingwarning

Python version prior to 2.7.9 gets this kind of errors while using package "requests" to establish HTTPS connections.
My version at the time was 2.7.6.

I upgraded my python to 2.7.9 following the post at :
https://renoirboulanger.com/blog/2015/04/upgrade-python-2-7-9-ubuntu-14-04-lts-making-deb-package/
(important to install libsqlite3-dev, otherwise an error will be encountered when importing sqlite3)

Problem solved. Now i own a magic "subdomain" supervision tool. Thx to "infosec-au"

cheers
	Assetnote is a new subdomains supervision tools which allow for real-time notifications about
	newlly added subdomains

	The tool is especially usefull for bug bounty

	As I'm starting playing in bug bounties the tool seems extremelly apealing
	The project can be found at https://github.com/infosec-au/assetnote

	# installation #
	/ My VPS is runing Ubuntu LTS 14.04 /
	just follow the instructions in the very well detailled README file
	the following cmd:
	pip install -r requirements.txt
	just does the magic

	# difficulties encountered#
	After firing up the "assetnote" service everything runs just fine, the web interface works well
	However no subdomains are collected from "threatcrowd"
	After a quick check, i found out the the HTTP GET request for threatcrowd's API didn't work correctlly. The following erros were received:

	/usr/local/lib/python2.7/dist-packages/requests/packages/urllib3/util/ssl_.py:315: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. For more information, see https://urllib3.readthedocs.org/en/latest/secu rity.html#snimissingwarning.
	SNIMissingWarning
	/usr/local/lib/python2.7/dist-packages/requests/packages/urllib3/util/ssl_.py:120: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.rea dthedocs.org/en/latest/security.html#insecureplatformwarning.
	InsecurePlatformWarning
	[Errno 1] _ssl.c:510: error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error


	After some googling it turned out to be due to a problem in "python version":
	https://urllib3.readthedocs.org/en/latest/security.html#snimissingwarning

	Python version prior to 2.7.9 gets this kind of errors while using package "requests" to establish HTTPS connections.
	My version at the time was 2.7.6.

	I upgraded my python to 2.7.9 following the post at :
	https://renoirboulanger.com/blog/2015/04/upgrade-python-2-7-9-ubuntu-14-04-lts-making-deb-package/
	(important to install libsqlite3-dev, otherwise an error will be encountered when importing sqlite3)

	Problem solved. Now i own a magic "subdomain" supervision tool. Thx to "infosec-au"

	cheers