Your tools for detecting new attack surface on old website
Posted in Tool Discussion by @neolex
Hi! I would like to know what tools do you use to know when a bug bounty program have new content ?
Do you know how to detect changes on website ? Is there a good way to know if a php website have new content ? We can't use the md5sum of the files because of news feeds and things like that...
Detect changes as in code changes to .js files or new features?
- Find any blogs they have, enigneering, changelog, updates, news etc
- Check for any future plans
- Just keep hunting & testing:D
For code changes: I don't believe there's any public tool available to monitor & notify of code changes to .js files etc. Would be awesome to see one :D
My question was about both. I didnt thought of the dev blog, it's actually a pretty good idea to follow it !
For js files, I may try to code a tool for that when I got the time to do it. Thanks !