Benjamin Heald Personal Security Blog

WHOAMI and Current Resume

Blog Posts

Gather: A tool to screenshot domains

As more and more companies create bug bounty programs with open-ended scopes, hackers sometimes need to examine large amounts of domain names. Currently most people use tools such as Aquatone which provide a extremely nice looking report at extremely fast speeds.

Gather on the other hand is extremely methodical, it uses Python Selenium and Chrome to check each provided domain one at a time. While this undoubtedly takes longer, it greatly reduces the false-negative rate. Since tools like aquatone have widespread use, a live domain missed by that tool is likely to be missed by everyone using that tool. This means that a successful screenshot by Gather can enable researchers to find domains that are unknown to the majority of the community.

Release Link

Full details on Gather and its usage can be found on its Github page, found here.