Bug bounty has become a fast-growing industry with programs launching almost daily bringing along with it a fierce competition among hackers. It’s a sort of a monetized race which revolves around the first one to report a bug: first come, first served. Therefore, it’s essential to step up your game and try to stay ahead of the game. Learning and expanding your skill set is one way to do it but also improving your testing methodology is quite important, and polishing you reconnaissance for instance surely going to help a bunch.
In this regard, I have built a security and reconnaissance tool that I’ve been using for quite some time. It should allow you to monitor subdomains of specific organizations automatically and get notified each time something is found.
The tool was announced at
OWASP Seasides during
NullCon 2019 which took place in the beautiful city of Goa, India.
Read more: https://medium.com/@yassineaboukir/automated-monitoring-of-subdomains-for-fun-and-profit-release-of-sublert-634cfc5d7708