ZERO-Day Exploits and Automations
0-Day exploits
How to automate hacking using the cloud and Telegram
Step 1: We are not using any paid services for this automation.
Step 2: We use Google Cloud Shell to open a terminal.
Step 3: Get a list of your targets from different hacking programs.
Step 4: Install the following tools from GitHub:
httpx
subfinder
notify
anew
nuclei
Step 5: In Telegram, search for BotFather and create a new bot. Then, search for @getidsbot and copy the bot API key and chat ID.
Step 6: Create a file called config.yaml
with the following contents:
telegram:
- id: "bugs"
telegram_api_key: "YOUR_API_KEY"
telegram_chat_id: "YOUR_CHAT_ID"
telegram_format: "{{data}}"
telegram_parsemode: "Markdown"
Step 7: Write a bash script called subdomain.sh
:
while true;
do subfinder -silent -dL domains.txt -all | anew subdomains2.txt | notify -pc ./config.yaml;
sleep 10800;
done
Note: Create these files on the cloud using a terminal.
Step 8: Every 8 hours, run the following command to launch your bash script:
bash subdomain.sh
Step 9: Run the following command to find subdomains:
htttpx -l subdomains2.txt -o httpsub.txt
Step 10: Create private nuclei templates or use built in.
Step 11: Create a file called nuclei.sh
with the following contents:
while true;
do nuclei -l httpsub.txt -t Nuclei-Templates | anew fuzzresultnuclei9.txt | notify -pc ./config.yaml;
sleep 3600;
done
Step 12: You can create similar scripts for different tools and run them once you get something new. You will be notified on your Telegram bot report faster, with no duplicates.
Thanks for your support!
Thanks to THE BBH for making this video and sharing this knowledge with us. You can see the video on the below link.
https://www.youtube.com/watch?v=IviF-m2xr7Y&ab_channel=THEBBH