A new OSINT tool has been launched that monitors certificate transparency logs to identify exposed files on newly-seen domains. This tool allows penetration testers and bug bounty hunters to search for sensitive data like configuration files and database dumps easily.
A new open-source intelligence (OSINT) tool has been introduced for use by penetration testers and bug bounty hunters. This tool continuously monitors certificate transparency logs to detect newly-seen domains and exposes potential security flaws such as configuration files and database dumps.
The tool compiles the findings into a searchable database, allowing users to query specific domains or domain parts. Currently operating in a read-only manner, it is freely accessible to users.
The creator is considering adding alert features that notify users of new findings based on specific search keywords. Suggestions for additional functionalities and methods to mitigate data abuse are welcomed from the community.
The tool is being shared on platforms like Hacker News, where developers often provide feedback and suggest potential features. This interaction aims to improve the tool and address concerns regarding data security.
β¨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors β check the original sources. How BrevFeed works β
A new OSINT tool has been launched that monitors certificate transparency logs to identify exposed files on newly-seen domains. This tool allows penetration testers and bug bounty hunters to search for sensitive data like configuration files and database dumps easily.