ZERO-Day Exploits and Automations

ยท

2 min read

0-Day exploits

How to automate hacking using the cloud and Telegram

Step 1: We are not using any paid services for this automation.

Step 2: We use Google Cloud Shell to open a terminal.

Step 3: Get a list of your targets from different hacking programs.

Step 4: Install the following tools from GitHub:

  • httpx

  • subfinder

  • notify

  • anew

  • nuclei

Step 5: In Telegram, search for BotFather and create a new bot. Then, search for @getidsbot and copy the bot API key and chat ID.

Step 6: Create a file called config.yaml with the following contents:

telegram:
  - id: "bugs"
    telegram_api_key: "YOUR_API_KEY"
    telegram_chat_id: "YOUR_CHAT_ID"
    telegram_format: "{{data}}"
    telegram_parsemode: "Markdown"

Step 7: Write a bash script called subdomain.sh:

while true;
do subfinder -silent -dL domains.txt -all | anew subdomains2.txt | notify -pc ./config.yaml;
sleep 10800;
done

Note: Create these files on the cloud using a terminal.

Step 8: Every 8 hours, run the following command to launch your bash script:

bash subdomain.sh

Step 9: Run the following command to find subdomains:

htttpx -l subdomains2.txt -o httpsub.txt

Step 10: Create private nuclei templates or use built in.

Step 11: Create a file called nuclei.sh with the following contents:

while true;
do nuclei -l httpsub.txt  -t Nuclei-Templates | anew fuzzresultnuclei9.txt | notify -pc ./config.yaml;
sleep 3600;
done

Step 12: You can create similar scripts for different tools and run them once you get something new. You will be notified on your Telegram bot report faster, with no duplicates.

Thanks for your support!

Thanks to THE BBH for making this video and sharing this knowledge with us. You can see the video on the below link.

https://www.youtube.com/watch?v=IviF-m2xr7Y&ab_channel=THEBBH

ย