Skip to content

Releases: ItsIgnacioPortal/hacker-scoper

v4.0.0

05 Oct 04:59
Compare
Choose a tag to compare
v4.0.0 Pre-release
Pre-release
  • ✨Feature: Made the --help more colourful
  • ✨Feature: The user can now select a company if two companies match the same query
  • ✨Feature: -ho, --hostnames-only: Output only hostnames instead of the full URLs using
  • ✨Feature: -iu, --include-unsure: Include "unsure" URLs in the output. An unsure URL is a URL that's not in scope, but is also not out of scope. Very probably unrelated to the bug bounty program.
  • ✨Feature: --verbose: Show what scopes were detected for a given company name on the FireBounty database.
  • 🐛Fixed bug with --include-unsure
  • Created TODO.md, so you can see what the future plans for hacker-scoper are.

v3.0.0: More Automation

11 Sep 11:19
Compare
Choose a tag to compare
  • ✨Feature: hacker-scoper will look for .noscope and .inscope files if you don't specify a company or a custom file parameter
  • ✨Feature: We can now parse scopes that contain wildcards in the middle of them, scopes such as: dev.*.example.com, or amzn*.example.com
  • ✨Feature: Save output to a file using -o/--output
  • ✨Feature: Always remove duplicates & sort the URLs before outputting them
  • ✨Feature: TLD-based misconfigured-bug-bounty-program detection. Using the publicsuffix project we're able to detect if a hostname ends with a TLD that isn't "public". Most of the time, this means that the bug bounty program was setup wrong, and an app package name was set as a web resource instead of as an application. Those problems are no more!
  • ✨Feature: Better documentation on the --help menu
  • 🐛Bug fix: Always delete the temporary files we create, even if hacker-scoper crashes
    And other minor fixes...

v2.1.0: Improved output

07 Jul 03:54
Compare
Choose a tag to compare
  • ✨Feature: More verbose logging
  • ✨Feature: Prettier console output
  • ✨Feature: Warn user when no results were found

v2.0.0

07 Jul 02:09
Compare
Choose a tag to compare
  • ✨Feature: Automatically attempt to add the "https://" prefix if parsing fails
  • ✨Feature: Better error logging
  • ✨Feature: Save the firebounty json in a predictable location using the --fire flag
  • 🐛Bug fix: automatically delete our own tmp files
  • 🐛Bug fix: Typo on misconfigured programs detection

v1.1.0

13 Nov 01:28
6116599
Compare
Choose a tag to compare

What's Changed

  • Added out-of-scope parsing for URLs, and IPs:
    • Specify a custom file with -cosf or --custom-outofcopes-file.
    • Or use scraped scopes from the firebounty API.

Builds auto-populated by goreleaser

First Release! v1.0.0

09 Nov 00:05
deb599f
Compare
Choose a tag to compare

Builds auto-populated by goreleaser.