Vilicus (from Latin, meaning overseer or supervisor) is a Bug Bounty API Dashboard. This platform is designed to simplify the process of bug bounty hunting by aggregating data from various sources and presenting it in an easy-to-understand dashboard.
To get Vilicus up and running, you'll need the following:
- Python3
- Docker
- Docker-compose
Follow these steps to install and run Vilicus:
-
Clone the Vilicus repository to your local machine.
git clone https://github.com/PatrikFehrenbach/vilicus.git cd vilicus -
Start the Docker services.
docker-compose upWait for Docker to pull the necessary images and start the services. This may take a while.
This will start the server and the application will be accessible at
localhost:5000(or whatever port you've configured). -
Visit the dashboard in your web browser.
The tool has the ability to automatically query the (https://securitytrails.com/) Securitytrails API once a domain has been added. If youwant too enable this feature, you have to rename the env.example to .env and insert your own API Key. It is also recommended to rebuild the container like so docker-compose build --no-cache
Contributions are always welcome. If you find a bug or want to add a new feature, feel free to create a new issue or open a pull request.
This project is open-source and available under the MIT License.
Create a new domain. The request body should contain a JSON object with a "name" field.
Request Body:
{ "name": "domain name" }
Responses:
- 201: 'Domain added successfully!'
- 400: 'No domain name provided'
Update the name of an existing domain. The request body should contain a JSON object with a "name" field.
Request Body:
{ "name": "new domain name" }
Responses:
- 200: 'Domain updated successfully!'
- 400: 'No new domain name provided'
- 404: 'Domain not found'
Delete a specific domain by its name.
Responses:
- 200: 'Domain deleted successfully!'
- 404: 'Domain not found'
Export all domains.
Responses:
- 200: List of all domains
Search domains by query. The query should be passed as a URL parameter.
Responses:
- 200: Search results
Create a new subdomain for a specific domain. The request body should contain a JSON object with a "subdomain_name" field.
Request Body:
{ "subdomain_name": "subdomain name" }
Responses:
- 201: 'Subdomain added successfully!'
- 400: 'No subdomain name provided'
- 404: 'Main domain not found'
- 409: 'Conflict'
Update the name of an existing subdomain for a specific domain. The request body should contain a JSON object with a "name" field.
Request Body:
{ "name": "new subdomain name" }
Responses:
- 200: 'Subdomain updated successfully!'
- 400: 'No new subdomain name provided'
- 404: 'Main domain not found'
- 404: 'Subdomain not found'
Delete a specific subdomain for a specific domain.
Responses:
- 200: 'Subdomain deleted successfully!'
- 404: 'Main domain not found'
- 404: 'Subdomain not found'
Export all subdomains.
Responses:
- 200: List of all subdomains
Export all subdomains of a specific domain.
Responses:
- 200: List of all subdomains of the specified domain
- 404: 'Domain not found'
Search subdomains by query. The query should be passed as a URL parameter.
Responses:
- 200: Search results
Fetch all subdomains added in the last hour.
Responses:
- 200: List of all subdomains added in the last hour
Fetch all domains sorted by the count of their subdomains in descending order.
Responses:
- 200: List of all domains sorted by subdomains count