root4loot / rescope
A scope generation tool for Burp Suite & ZAP
Home Page: https://root4loot.com/tags/rescope/
License: MIT License
$ rescope -u hackerone.com/security -b -o test.json
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0x12ebd58]
If I have an input file containing something like "Openwebsite.com", the Burp output file will contain:
{ "target": { "scope": { "advanced_mode": true, "exclude": null, "include": [ { "enabled": true, "file": "^[\\S]*$", "host": "^penwebsite\\.com$", "port": "^(80|443)$", "protocol": "Any" } ] } } }#
and thus "Openwebsite.com" will not be considered in-scope in Burp.
#command
rescope -u hackerone.com/hackerone -o burpscope.json
#output
panic: runtime error: index out of range [0] with length 0
goroutine 1 [running]:
github.com/root4loot/rescope/internal/bbaas/hackerone.Scrape({0x7ffcb7bd6f7d, 0x17})
/home/hood/.local/share/go/pkg/mod/github.com/root4loot/[email protected]/internal/bbaas/hackerone/hackerone.go:57 +0x645
github.com/root4loot/rescope/internal/url.BBaas({0xc000110f10?, 0x1?, 0x9ca7c8?}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0})
/home/hood/.local/share/go/pkg/mod/github.com/root4loot/[email protected]/internal/url/url.go:60 +0x4a2
main.main()
/home/hood/.local/share/go/pkg/mod/github.com/root4loot/[email protected]/main.go:80 +0xcb
Other BBaaS providers are working for me.
Just wanted to say that this is a great tool, and I have integrated it into my tool Chomp Scan. Thanks for your work on this.
rescope -u intigriti.com/public/project/tomorrowland/tomorrowland --burp -o test.ext
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x6de0f3]
goroutine 1 [running]:
github.com/root4loot/rescope/internal/url.BBaas(0xc000098e20, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, ...)
/home/user/go/src/github.com/root4loot/rescope/internal/url/url.go:60 +0x613
main.main()
/home/luser/go/src/github.com/root4loot/rescope/main.go:80 +0x6dc
Running the example from the readme outputs this:
> rescope -u hackerone.com/security -o burpscope.json
panic: runtime error: index out of range [0] with length 0
goroutine 1 [running]:
github.com/root4loot/rescope/internal/bbaas/hackerone.Scrape({0xc000014180, 0x16})
C:/Users/User/go/pkg/mod/github.com/root4loot/[email protected]/internal/bbaas/hackerone/hackerone.go:55 +0x645
github.com/root4loot/rescope/internal/url.BBaas({0xc000050f80?, 0x1?, 0x647408?}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0})
C:/Users/User/go/pkg/mod/github.com/root4loot/[email protected]/internal/url/url.go:60 +0x4a2
main.main()
C:/Users/User/go/pkg/mod/github.com/root4loot/[email protected]/main.go:78 +0xcb
Intigriti programs are parsed with duplicate exclude definitions
A known bug exists whereby parsing multiple scopes from hackerone, intigriti, yeswehack leads to duplicate scope definitions.
Parsing fails when you copy/paste the full URL from a program on Intigriti.
rescope -u https://www.intigriti.com/public/project/tomorrowland/tomorrowland
[!] Failed to parse JSON.
Example
In-Scope:
example1.com,example2.com
example3.com, example4.com
Results in:
Grabbing targets from [example]
+ *.example1.com,example2.com
+ example3.com,
+ example4.com
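A round-trip check for the two parsing reports above (the Burp host pattern that lost its first character, and the comma-separated In-Scope lines), as an added Go example that is not rescope's own code. `splitTargets`, `hostRegex` and `coversTarget` are hypothetical helpers, the inputs are constructed from the lines quoted in the reports, lowercasing and the wildcard form are this example's choices, and Go's `regexp` is assumed to agree with Burp's matcher for these simple anchored patterns.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// splitTargets splits one scope line on commas and whitespace, so
// "example3.com, example4.com" yields two hosts with no trailing comma.
func splitTargets(line string) []string {
	return strings.FieldsFunc(line, func(r rune) bool {
		return r == ',' || r == ' ' || r == '\t'
	})
}

// hostRegex returns an anchored host pattern for one target. The host is
// lowercased (DNS names are case-insensitive) and escaped in full; a leading
// "*." becomes an optional-subdomain prefix (this example's choice).
func hostRegex(target string) string {
	host := strings.ToLower(target)
	if strings.HasPrefix(host, "*.") {
		return `^(.+\.)?` + regexp.QuoteMeta(host[2:]) + `$`
	}
	return `^` + regexp.QuoteMeta(host) + `$`
}

// coversTarget is the round-trip check: an emitted pattern must match the
// host it was generated from. Go's regexp stands in for Burp's matcher,
// an assumption that holds for these simple anchored patterns.
func coversTarget(target, pattern string) bool {
	re, err := regexp.Compile(pattern)
	if err != nil {
		return false
	}
	host := strings.TrimPrefix(strings.ToLower(target), "*.")
	return re.MatchString(host)
}

func main() {
	// Constructed input, modelled on the lines quoted in the reports above.
	for _, line := range []string{"Openwebsite.com", "example1.com,example2.com", "example3.com, example4.com"} {
		for _, t := range splitTargets(line) {
			p := hostRegex(t)
			fmt.Printf("%-16s %-24s covers=%v\n", t, p, coversTarget(t, p))
		}
	}
	fmt.Println(coversTarget("Openwebsite.com", `^penwebsite\.com$`)) // reported pattern: false
}
```

Running a check like `coversTarget` over every include entry before the scope file is written catches a target that would silently fall out of scope.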