Skip to content

HuntersEye is designed for Bug Bounty Hunters, and Security Researchers to monitor new subdomains and certificates for specified domains. The primary goal is to streamline and expedite the process of monitoring newly registered subdomains and SSL certificates related to specified target domains.

License

Notifications You must be signed in to change notification settings

kljunowsky/HuntersEye

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Hunters Eye 🧿

HuntersEye is designed for Bug Bounty Hunters, and Security Researchers to monitor new subdomains and certificates for specified domains. The primary goal is to streamline and expedite the process of monitoring newly registered subdomains and SSL certificates related to specified target domains. The rapid identification and penetration of new subdomains a is crucial for bug bounty hunting.

Be one step ahead with HuntersEye.

Installation 🏗️

pip3 install -r requirements.txt

Usage 🛠

Filter newly issued certificates by domain

python3 HuntersEye.py -d tesla.com

Filter newly issued certificates by domains from the file

python3 HuntersEye.py -df domains.txt

Filter newly issued certificates by domains from file and notify on telegram with the output file

python3 HuntersEye.py -df domains.txt -telegram config.yaml -o output.json

Telegram Config File 🔖

telegram:
  - id: "tel"
    telegram_api_key: "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
    telegram_chat_id: "XXXXXXXXXX"
    telegram_parsemode: "Markdown"

Running from Docker 🐳

Build

docker build -t hunterseye .

Run

docker run -v $(pwd)/data:/data  -ti hunterseye -df data/domains.txt -telegram data/config.yaml -o /data/output.json

Parameters 🧰

Parameter Description Type
--domain / -d Domain Filter String
--domain-file / -df Domains Filter File
--top-level-domain / -df TLD Filter String
-telegram Telegram Config File File
--output-file / -o Root domain used for CloudFlare Bypass File
-f STDOut Filter (text/json) String

Use Cases 📑

Create a subdomain bruteforce wordlist

timeout 24h python3 HuntersEye.py -tld io -o output.json
cat output.json |jq -r '.domain' | dsieve -f 3 | awk -F '.' '{print $1}' | sort -u | tee subdomain_bruteforce.txt

Dsieve from Trickest

Check the presence of web application on new subdomain

python3 HuntersEye.py -d target.tld -o output.json
cat output.json | jq -r '.domain' | httpx -tech-detect -status-code -title -web-server -ip -cdn -asn -o httpx_output.txt

httpx from ProjectDiscovery

Vulnerability Scanning

python3 HuntersEye.py -d target.tld -o output.json
cat output.json | jq -r '.domain' | nuclei -o nuclei_output

nuclei from ProjectDiscovery

Port Scanning

python3 HuntersEye.py -d target.tld -o output.json
cat output.json | jq -r '.domain' | naabu -tp 10000 -o naabu_output.txt

naabu from ProjectDiscovery

Contact Me 📇

LinkedIn - Milan Jovic

Twitter - Milan Jovic

About

HuntersEye is designed for Bug Bounty Hunters, and Security Researchers to monitor new subdomains and certificates for specified domains. The primary goal is to streamline and expedite the process of monitoring newly registered subdomains and SSL certificates related to specified target domains.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published