.png)
1 week ago
16 BOOK THIS SPACE FOR AD
ARTICLE ADHello to all bug hunters and web application security experts, I’m Milad and I’ve been active in the field of penetration testing, bug hunting for several years. As all professionals in this field know, staying up-to-date and continually researching and updating methodologies are essential aspects of this expertise.
Many of you may already be familiar with the Project Discovery group. However, for those who are not, let me provide a brief explanation.
Project Discovery is a powerful and active community in the security field that has developed numerous security tools widely used by hunters. Among these tools, we can mention the exceptional and powerful scanner, Nuclei, used for detecting vulnerabilities in web applications. Additionally, some of the tools developed by this group, such as Subfinder and HTTPX, are used in the reconnaissance process.
Furthermore, this remarkable group has initiated a project called Chaos, which aims to conduct subdomain identification for all active programs in Bug Bounty and has made this data available to bug hunters. The data collected by this project is available at the following address and is periodically updated.
I have been familiar with the Chaos project from the powerful Project Discovery group for quite some time now. However, recently, while I was conducting research, I also discovered that a tool has been developed for this project, allowing users to directly access all the data and identified subdomains in this project by installing it.
This tool is available at the following GitHub address.
I have installed and executed this tool, and you can see some of its output for the domain uber.com below.
You can use this tool in your reconnaissance process and integrate its output with the output of other tools.
Thank you for taking the time to read this text, I hope this topic has been interesting for you.
Bengali (Bangladesh) · 
English (United States) ·