Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
The tool is supposed to be scheduled to run periodically at fixed times, dates, or intervals (Ideally each day). New identified subdomains will be sent to Slack workspace with a notification push. Furthermore, the tool performs DNS resolution to determine working subdomains.
Also Read – AutoRDPwn : The Shadow Attack Framework
How to set up?
Requirements:
First of all, you will have to clone the tool from Github to your web server:
$ git clone https://github.com/yassineaboukir/sublert.git && cd sublert
Now, we can install the required modules as follows:
forPython 2:
$ sudo pip install -r requirements.txt
alternatively, Python 3:
$ sudo pip3 install -r requirements.txt
Next step is to create a Slack workplace to where new subdomains will be sent to. Just browse to https://slack.com/ and create a free account.
Then, create two channels: one for the subdomains and the other is for error logging as follows:
Next, we need to generate Webhook URLs for each channel so we can leverage Slack API.
Browse to https://api.slack.com/apps and create a new application.
Browse to Incoming Webhooks and create two Webhooks and link each one to the two channels formed previously.
And link each webhook with the corresponding Slack channel.
You will obtain a link in the following format:
https://hooks.slack.com/services/XXXXXXX/BF0XXXXME/XXXXXXXXXXXXX
Copy both two webhook links and edit config.py
You’re almost ready! Interesting part now is adding domains to monitor for new subdomains. For now, it’s preferable to add each domain separately. Let’s add PayPal for instance:
$ python sublert.py -u paypal.com
You can proceed the same way with all the other domain names you would like to monitor. Once you’re finished adding the targets, the next step would be to configure Cron in order to schedule execution of Sublert periodically at fixed times.
Let’s make Sublert.py executable:
$ chmod u+x sublert.py
Now, we need to add a new Cron job to schedule execution of it at given time. To do it, type:
$ Crontab -e
Add the following line at the end of the Cron file:
0 */12 * * * cd /root/sublert/ && /usr/bin/python sublert.py -r -l >> /root/sublert/sublert.log 2>&1
You will need to change /root/sublert/ to the exact directory where you have the tool.
If you’re using python3 make sure to change /usr/bin/python to /usr/bin/python3
Short Form | Long Form | Description |
---|---|---|
-u | –url | Adds a domain to monitor. E.g: yahoo.com. |
-d | –delete | Domain to remove from the monitored list. E.g: yahoo.com. |
-a | –list | Listing all monitored domains. |
-t | –threads | Number of concurrent threads to use (Default: 20). |
-r | –resolve | Perform DNS resolution. |
-l | –logging | Enable Slack-based error logging. |
-m | –reset | Reset everything. |
Burrow is an open source tool for burrowing through firewalls, built by teenagers at Hack Club.…
Simple golang webserver that listens for basic auth or post requests and sends a notification…
Nutek Security Platform for macOS and Linux operating systems. Tools for hackers, bug hunters and…
Welcome to SecureSphere Labs, your go-to destination for a curated collection of powerful hacking tools…
All in one Docker-based workstation with hacking tools for Pentesting and offsec Labs by maintained…
Got it! Below is the updated README.md file with instructions for downloading the project on…