add multi domain in config

SolomonSklash / chomp-scan

A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.

https://www.solomonsklash.io/chomp-scan-update.html

GNU General Public License v3.0

393 stars 76 forks source link

add multi domain in config #44

Closed oldesec closed 5 years ago

oldesec commented 5 years ago

The current tool must generate a "config" file per domain.

Ex) google.com -> config1.txt fb.com -> config2.txt test.com -> config3.txt

It would be nice if could configure multiple domains in a single file.

sample file:

[general]
# Set domain to scan (required). Do not include a scheme, e.g. https:// or http://. Chomp Scan will add the appropriate scheme as needed.
DOMAIN= fb.com, google.com, test.com

SolomonSklash commented 5 years ago

This is a good idea. I think it's probably the simplest way for me to add support for multiple domains. Thanks for the suggestion!

oldesec commented 5 years ago

@SolomonSklash Thanks for the quick answer.

With your dedication, the tools are getting stronger. :)

oldesec commented 5 years ago

@SolomonSklash Hello.

It would be nice if had the ability to upload files to the cloud for backup. For example, the ability to upload files using the "rclone" tool.

Ref: https://rclone.org/

Sy3Omda commented 5 years ago

This is a good idea. I think it's probably the simplest way for me to add support for multiple domains. Thanks for the suggestion!

is this suggestion is ready now ! could i add more than one domain in config file separated by ,

SolomonSklash commented 5 years ago

Sorry, I've not been able to get to this yet. Most likely I will have domains added to the config file separated by a comma, as it seems pretty easy to do. The main part is just checking for multiple domains and running all the tools in order, and creating the proper output directory for each. None of that is all that hard, but it does involve a lot of rearranging of code and possibly introducing bugs. I plan on getting started on it soon.

Sy3Omda commented 5 years ago

glad to here that, in the mean while we could create config file for each domain in the scope and concatenate the whole command in one line separated by && as you know . an idea came up to me after reading your comment that it will take some time and i SUGGEST you could invest this time in implementing a workflow page to view final result in handy way.

SolomonSklash commented 5 years ago

@Sy3Omda @oldesec I have implemented multiple domains in the config file. Basically just add comma separated domains to the config file DOMAIN field.

I'd love it if you guys would test it out. There is a branch called multi-domain. You just have to do a git checkout multi-domain in the main Chomp Scan directory. If you guys find any bugs let me know, otherwise I will merge it into the main repo and cut a new release in a few days.

oldesec commented 5 years ago

@SolomonSklash I finished the test. It works well. :+1:

SolomonSklash commented 5 years ago

Glad to hear it, thanks for testing. I've merged it into master.