Skip to content

v3.0.0: More Automation

Latest
Compare
Choose a tag to compare
@ItsIgnacioPortal ItsIgnacioPortal released this 11 Sep 11:19
· 56 commits to main since this release
  • ✨Feature: hacker-scoper will look for .noscope and .inscope files if you don't specify a company or a custom file parameter
  • ✨Feature: We can now parse scopes that contain wildcards in the middle of them, scopes such as: dev.*.example.com, or amzn*.example.com
  • ✨Feature: Save output to a file using -o/--output
  • ✨Feature: Always remove duplicates & sort the URLs before outputting them
  • ✨Feature: TLD-based misconfigured-bug-bounty-program detection. Using the publicsuffix project we're able to detect if a hostname ends with a TLD that isn't "public". Most of the time, this means that the bug bounty program was setup wrong, and an app package name was set as a web resource instead of as an application. Those problems are no more!
  • ✨Feature: Better documentation on the --help menu
  • 🐛Bug fix: Always delete the temporary files we create, even if hacker-scoper crashes
    And other minor fixes...