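#!/usr/bin/env zsh

# Download the JSON list of public bug bounty programs and their domains.
# The list is third-party data fetched from the moving `master` branch, so its
# content can change between runs and every field read from it later (program
# names, domains) has to be treated as untrusted input.
#   --fail          : an HTTP error (404, 5xx) aborts instead of saving the
#                     error page under the expected file name
#   --proto/--tlsv1.2 : refuse anything that is not HTTPS with TLS >= 1.2
curl --fail --proto '=https' --tlsv1.2 \
  -O "https://raw.githubusercontent.com/projectdiscovery/public-bugbounty-programs/master/chaos-bugbounty-list.json" \
  || { echo "Failed to download chaos-bugbounty-list.json" >&2; exit 1; }

# Refuse to continue with a file that is not the expected shape; the later
# steps index into `.programs` and would otherwise fail part-way through.
jq -e '.programs | type == "array"' chaos-bugbounty-list.json > /dev/null \
  || { echo "chaos-bugbounty-list.json has no .programs array" >&2; exit 1; }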
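# Create one folder per paying program and save its domains to
# <program name>/assets.txt.
#
# The program name comes from the downloaded JSON and is used as a directory
# name, so it is checked before touching the filesystem: an empty name, "." /
# "..", a name containing "/" or a control character is skipped, because it
# would create or write outside the intended per-program folder (or garble the
# terminal when echoed).
#
# The list is parsed once (`jq -c` emits one program per line) instead of
# re-reading the whole file several times per program. printf is used rather
# than echo because zsh's echo expands backslash escapes, which corrupts JSON
# strings before jq sees them; `read -r` keeps backslashes intact for the same
# reason.
jq -c '.programs[] | select(.bounty == true)' chaos-bugbounty-list.json |
while IFS= read -r PROGRAM; do
  PROGRAM_NAME=$(printf '%s\n' "$PROGRAM" | jq -r '.name')

  case "$PROGRAM_NAME" in
    '' | . | .. | */* | *[[:cntrl:]]*)
      echo "Skipping program with a name unsafe to use as a folder" >&2
      continue
      ;;
  esac

  echo "Processing $PROGRAM_NAME ..."
  # `--` stops option parsing so a name starting with "-" is taken as a path.
  mkdir -p -v -- "$PROGRAM_NAME" || continue
  printf '%s\n' "$PROGRAM" | jq -r '.domains[]' > "$PROGRAM_NAME/assets.txt"
done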
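# For each program folder under ~/Recon, enumerate subdomains and record the
# technology detected on every host that answers over HTTP(S).
#
# NOTE: the earlier steps create the program folders relative to the current
# directory, while this loop reads ~/Recon; the script has to be started from
# ~/Recon for the two to line up.
for BBP in ~/Recon/*; do
  [ -d "$BBP" ] || continue

  # If the folder cannot be entered, skip it: carrying on would write this
  # program's results into whichever directory was current before.
  cd "$BBP" || { echo "Cannot enter $BBP, skipping" >&2; continue; }
  [ -f assets.txt ] || { echo "No assets.txt in $BBP, skipping" >&2; continue; }

  subfinder -dL assets.txt -o subdomains.txt
  [ -f subdomains.txt ] || continue

  # `read -r` keeps backslashes literal; hostnames are tool output, not trusted.
  while IFS= read -r TARGET; do
    echo "Finding technology for $TARGET"

    # Keep only the first URL httpx prints so exactly one URL is passed on.
    HTTP_TARGET=$(printf '%s\n' "$TARGET" | httpx -silent | head -n 1)

    if [ -z "$HTTP_TARGET" ]; then
      echo "Target not active"
    else
      # Every non-alphanumeric character becomes "_", so the URL cannot
      # introduce "/" or ".." into the output file name.
      OUT_NAME=$(printf '%s\n' "$HTTP_TARGET" | sed -e 's/[^[:alnum:]]/_/g')
      # stdin is detached so the tool cannot consume the remaining lines of
      # subdomains.txt that feed this loop.
      wappalyzer "$HTTP_TARGET" < /dev/null | jq '.' > "${OUT_NAME}.tech.json"
    fi
  done < subdomains.txt
done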