venom26/CastleBravo

CastleBravo - BugBounty Automation Tool

CastleBravo

CastleBravo - BugBounty Automation Tool

This repo. contains only some parts of the full version , if you want the most complete version contact me here m4ll0k@protonmail.com or via twitter

requirements

• active dns

  • massdns
  • altdns

• passive dns

  • crobat
  • amass
  • assetfinder
  • github-subdomains
  • subfinder
  • subdomain.sh

• your telegram bot

  • token and chatid

installation

• download castlebravo

git clone https://github.com/m4ll0k/CastleBravo.git

• download massdns
• download and compile all tools in passive dns and then move them to the CastleBravo/tools/dns/passive/tools/ folder
  • crobat
  • amass - put your config.ini in CastleBravo/tools/dns/passive/tools/
  • assetfinder
  • subfinder - put your config.yaml in CastleBravo/tools/dns/passive/tools/
  • github-subdomains put .tokens in CastleBravo/tools/dns/passive/tools/

setup

• edit config.json

{
    "inScope"     : ["example.com"],
    "outScope"    : ["dev.example.com"],
    "target"      : "example.com",
    "projectName" : "exampleTarget",
    "keys" : {
        "telegramToken":"[YOUR_TELEGRAM_BOT_TOKEN]",
        "chatId":"[TELEGRAM_CHATID]"
    },
    "dbPath"   : "/db/",
    "toolName" : "CastleBravoV2",
    "tmpPath" : "/tmp/",
    "dbExt" : ".db",
    "wordlists":{
        "altdnsSmall" : "/wordlist/dns/small.txt",
        "altdnsMedium" : "/wordlist/dns/medium.txt",
        "altdnsBig" : "/wordlist/dns/big.txt",
        "massdnsResolvers" : "/wordlist/dns/resolvers.txt"
    }
}

• now run it, with crontab,etc (I suggest you to use the tool in your VPS) or or directly with python:

$ python3 castlebravo.py