Subdomain monitoring framework inspired by subalert project
You need:
- Python >= 3.6 ( python 2 is not supported )
- Linux server e.g(Amanzon EC2) [64bit]
Before we start you need to install the requirements
$ sudo pip3 install -r requirements.txt
After installing the requirements now you're ready to go
This tool requires a slack workspace to report the findings
You need to edit the config/default.json
{
"settings":{
"slack_channel":"change this to your channel id",
"slack_token":"change this to your bot user Oauth token",
}
}For more informations visit: https://get.slack.help/hc/en-us/articles/215770388-Create-and-regenerate-API-tokens
$ python monitor.py -w watch_targets.txt
if everything is configured currectly to should see this message on your slack channel
Monitorizer supports more than one subdomain enumeration tool to achieve the best result
scanners = [
aiodnsbrute, # https://github.com/blark/aiodnsbrute (included)
subfinder, # https://github.com/subfinder/subfinder (included)
sublist3r, # https://github.com/aboul3la/Sublist3r (included)
dnsrecon, # https://github.com/darkoperator/dnsrecon (included)
dnscan, # https://github.com/rbsec/dnscan (included)
subbrute, # https://github.com/TheRook/subbrute (included)
amass, # https://github.com/OWASP/Amass (included)
]command lines can be found at config/default.json
It is also recommended to add your API keys in the /config/amass.ini file such as :
...
[SecurityTrails]
apikey = XXXXX
...
As the script runs once everyday to need to host it on a running linux server
$ ssh myserver@somewhere.host
$ ls
Monitorizer
$ cd Monitorizer
$ screen -dmS monitorizer bash -c 'python3 monitor.py -w targets.txt'
Monitorizer supports slack commands by mentioning the bot
To Enable Slack commands you have to enable Event Subscriptions and set the [Request URL] to http://youip:6500/slack
Full todo list is at https://github.com/BitTheByte/Monitorizer/projects/1