I am currently working on a project that I have never attempted before, a programming project.
While my project is not written in Python (We’ll get there eventually), this was the first project that I had set out to solve without very much experience within the beginning.
So onto my project, I have found myself recently trying to do bug bounties on platforms such as Hacker One or Bug Crowd but the time demand from bug bounties has been a struggle for me. The time to setup my VM… The time it took to look at all of the entities… And then time to run a whole bunch of tools by hand was just too long. I have recently found a great talk by Daniel Miessler and how he worked through the process of building an automation framework for all the boring but VERY important recon of a target. Daniel in his talk explained that you could have many small scripts that work together to complete a task… So after listening to that talk, I decided to go out and start my own framework.
I present “bb-automation“. Boring name, I know. It’s all… still a work in progress.
So pretty much, there are submodules that work together to feed the output of one tool to the input of another tool. All of these tools are configured in the “automation.sh” script which handles the order of operation, the webhook notifications, and the cleaning process of the script. I still have many things to go back over and clean up, as well as a few tools I would to add into the mix.
As it currently stands now, the following tools are:
#Basic Recon Automation Steps
input=domains.txt
${AUTOMATION_PATH}/subfinder.sh
${AUTOMATION_PATH}/host_resolve.sh
${AUTOMATION_PATH}/livehostfinder.sh
${AUTOMATION_PATH}/httpx.sh
${AUTOMATION_PATH}/get_robots.sh
${AUTOMATION_PATH}/aquatone.sh
${AUTOMATION_PATH}/nmap_domains.sh
#Advanced Recon Automation Steps
${AUTOMATION_PATH}/googledorks.sh
${AUTOMATION_PATH}/nuclei.sh
${AUTOMATION_PATH}/subjack.sh
${AUTOMATION_PATH}/ffuf.shI have this automation saved in my crontab for scheduling. Once the automation.sh script starts running, it notifies the slack channel that the tool has begun and rolls through the list above from first to last. Once the script / scanning is complete, it git pushes up to my gitlab repo for viewing / backup.
Now that I have something kind of working, I think I am going to focus on putting tools in and making it super simple to hot swap tools that at needed to be ran for the program you are scanning.