pdelteil / bugbountyhuntingscripts Goto Github PK

Display inscope/outscope of a program using showProgram

• showProgram test --inscope
• showProgram test --outscope
• showProgram test --all

• Add a function to retrieve the version of the tool.

• Add function to auto update the tool.

There s no point in probing is the number of stored URLs is equal to the number of domains.

Smarter: Don't send to http probing domains that already have a URL stored.

Even smarter; if probing is false and the domain has a url -> Delete

I've developed these scripts too ad-hoc to my use cases, especially to BBRF.

Using a config file to define tags (programs, domains and urls) sounds like a good idea.

It would work something like this:

config file (yaml)

program:
    tags: site
              rewards
              recon
              android
              ...

urls: 
    tags: fetchedDate
             size
             httpCode
            addedTool
            ...
domains: 
    tags: resolvedDate
              addedDate
              addedTool
              ...

1. From the config file the function addProgram will be automatically generated.
2. showPrograms will be also affected.

The problem ocurrs when calling getDomains with the -p parameter.

getDomains -p program

Output is

[ERROR] BBRF server error: not_found because the argument given to BBRF is %20program.

Use getDomains with a domain given

> getDomains -d domain.com

• Add a program data using a CSV file provided by HackerOne.

• Syntax:
  addPrograms h1 author -f file.csv

Due to the change in nuclei output formatting (now, the date of results do not include date by default) the function 'showLogs' doesn't show any output.

Priority

Low

Description of new feature

Automatically get root names from scope defined as .domain.

Use function getTLDs

1. Identify what constitutes a duplicated URL (same content hash & HTTP Code)
2. Store hash as tag
3. Mark URL with tag duplicated=true in BBRF.
4. Ignore URLs with duplicated tag values as true while running bbrf urls or bbrf urls -p Program

Needed functions:

1. Function to regularly calculate the hash and store/update value using axiom and httpx
2. Function to get Urls from database (alias to bbrf url where duplicated is false)

• Display a help menu with all functions including examples.
• Reference: nuclei -h but with colors.

Show if the program is from h1, bugcrowd or other.

• Add colors by line (odd and even with different colors)

Allow the setup script to check for BBRF and install it if not found.

Bonus: Populate BBRF with some public bbh programs.

The script should check if dependencies are already installed before downloading them from Github

• Modify addPrograms to include the CIDR notation in the in scope of a program, due to BBRF latest version (1.3.1).

• Routine to fix programs that have a CIDR definition as a tag (convert to inscope rule)

• Check how the new definition affects other functions.

The setup script should have a prompt to choose which helpers to install.

Simple.

• Check for new versions in dependencies (amass, bbrf, etc).
• Ask whether to update or not. (May break some functionalities)

Change the output of the function showProgram to make it look prettier, similar to the output of findProgram

Currently, when trying to find a program by name the function just returns the name of the program.

In most cases calling another function (showProgram) in order to show program's data.

Therefore it would be useful to have a flag to do this in one step.

> checkProgram test -show

Will display the same output as showProgram

Sometimes you can know why some domains are not being added to a program. Often times it 's because another program has a compatible inscope rule.

Pseudo code:
1- iterate over all programs showing the inscope/outscope rule.
2. grep for input
3. show result.

different result as

bbrf use program getUrls

• While running addPrograms (adding a BBH program to BBRF) it's possible to run a nuclei scan using the local machine, this works well for small scopes.
• When the scope is bigger it's better to use axiom-scan, an option should be provided to the user to select regular nuclei scan or axiom-scan using the nuclei module.

• Add a combination of keys to jump from URL? to Add IN scope: in addPrograms.