Show HN: Bug Bounty on a Sushi Belt – Automated Target Identification (cerast-intelligence.com)

2 points by PatchRequest ↗ HN
Hi HN,

I'm excited to share a project of mine called Bug Bounty Intelligence Stream. While automating my own bug bounty hunting, I realized the system detected more vulnerabilities than I could handle alone. Hence, I built this product.

The concept is simple: users can subscribe to an event stream that delivers pre-verified targets for potential bug bounty and security research. I take no credit for any findings and do not report them myself, so any potential bounty earnings are entirely yours. This tool might also interest academics studying the state of web security. I talked to a lawyer in my home country and from a legal standpoint I should be in no trouble. You can imagine the product like a sushi belt. You just sit there and watch as the tasty stuff comes your way and you grab whatever you want.

This is my first ever-product and I am hungry for feedback from you. Please use the coupon code HN100 to test for free for one month in the “per month” subscription.

Some example detections include:

    Exposed .git, ssh-keys, docker-compose, .env, config Files 
    Extremely outdated PHP, WordPress, Apache, FTP
    Public phpinfo()
    Leaked database backups
On my to-do list are features like:

    Access to historical data
    Automatic extraction of contacts from security.txt files
    More complex detection capabilities
Looking forward to your feedback!

URL: https://cerast-intelligence.com/

0 comments

[ 4.0 ms ] story [ 9.4 ms ] thread

No comments yet.