Scope Change Observation & Unified Tracking
A modular Bug Bounty monitoring tool that tracks program changes, discovers new subdomains, and sends Telegram notifications.
- Program Monitoring: Monitor Bugcrowd, HackerOne, and YesWeHack (with more platforms coming) public programs and scope changes
- Subdomain Discovery: Monitor text files for new subdomains and alert on discoveries
- Telegram Notifications: Get instant alerts on new subdomains and program changes
- Modular Architecture: Easy to add new platforms
- Automated Scanning: Automated subdomain discovery with
subfinder - Smart Filtering: HackerOne targets filtered for both submission and bounty eligibility
# Clone the repository
git clone git@github.com:abaykan/scout
cd scout
# Install dependencies
pip3 install -r requirements.txtCreate a MySQL database and user:
CREATE DATABASE scout_db;
CREATE USER 'scout_user'@'localhost' IDENTIFIED BY 'your_secure_password';
GRANT ALL PRIVILEGES ON scout_db.* TO 'scout_user'@'localhost';
FLUSH PRIVILEGES;Edit config.json with your settings:
{
"database": {
"host": "localhost",
"user": "scout_user",
"password": "your_secure_password",
"database": "scout_db",
"port": 3306
},
"telegram": {
"bot_token": "your_telegram_bot_token",
"chat_id": "your_chat_id"
},
"notifications": {
"type": "telegram",
"enabled": true
},
"platforms": {
"bugcrowd": {
"enabled": true,
"programs_to_monitor": [
"https://bugcrowd.com/engagements/intercom",
"https://bugcrowd.com/engagements/atlassian"
]
},
"hackerone": {
"enabled": true,
"programs_to_monitor": [
"https://hackerone.com/hack_the_box"
]
},
"yeswehack": {
"enabled": true,
"programs_to_monitor": [
"https://yeswehack.com/programs/zecible-public-bug-bounty-program"
]
}
}
}# Create database tables
python3 init_db.py# Run monitoring once
python3 main.pyAdd program URLs to config.json:
"platforms": {
"bugcrowd": {
"enabled": true,
"programs_to_monitor": [
"https://bugcrowd.com/engagements/intercom",
"https://bugcrowd.com/engagements/atlassian"
]
},
"hackerone": {
"enabled": true,
"programs_to_monitor": [
"https://hackerone.com/hack_the_box",
"https://hackerone.com/shopify"
]
},
"yeswehack": {
"enabled": true,
"programs_to_monitor": [
"https://yeswehack.com/programs/zecible-public-bug-bounty-program",
"https://yeswehack.com/programs/gojek-bug-bounty-program"
]
}
}S.C.O.U.T automatically:
- Scans wildcard domains using subfinder
- Saves results to
scans/{program-slug}.txtfiles - Monitors these files for new subdomains
- Sends Telegram notifications for new discoveries
# Example: Manual subdomain scanning
subfinder -d example.com -o manual-subdomains.txtscout/
├── main.py # Main entry point
├── init_db.py # Database initialization
├── config.json # Configuration file
├── requirements.txt # Python dependencies
├── scout.log # Application logs
├── scans/ # Subdomain scan results
└── src/
├── __init__.py
├── db.py # MySQL database operations
├── monitor.py # Core monitoring system
├── notifier.py # Telegram notifications
├── utils.py # Utility functions
└── platforms/
├── __init__.py
├── bugcrowd.py # Bugcrowd platform implementation
├── hackerone.py # HackerOne platform implementation
└── yeswehack.py # YesWeHack platform implementation
- Uses JSON API for accurate scope extraction
- Falls back to HTML parsing if API unavailable
- Uses GraphQL API for structured scope data
- Smart Filtering: Only includes targets that are both
eligible_for_submissionANDeligible_for_bounty - Handles program handles directly from URLs
- Uses HTML parsing with BeautifulSoup
- Extracts scope from tables and structured elements
- More platform supports
- Optimize anything that can be optimized
- Handle private program
MIT License - feel free to use and modify for your bug bounty activities.
- Fork the repository
- Create a feature branch
- Make your changes
- Test thoroughly
- Submit a pull request
For issues and questions:
- Review logs in
scout.log - Open a GitHub issue