Sandman A Target Tracking for Bug Hunter's and Pentesters
Sandman A Target Tracking for Bug Hunter's and Pentesters

Sandman: A Target Tracking for Bug Hunter’s and Pentesters

A Target Tracking , NoteTaking , CheckLists and Data Management GUI App for Bug Hunter’s and Pentesters. It is designed to Track Progress , Store and Retrieve tools data , CheckLists per domain and much more (future releases). It is designed while keeping in mind the ease and requirements while working on a program.It also has an integrated web server which can be used to get and post data to its respective pages.

This Cross Platform Native App is Powered By

  • Fyne
  • MongoDB
  • gorilla/mux

To Know More About the Functionalities , Usage and Structure Do refer the project wiki.

This App Also has an awesome cmd client app Matthew to store and retrieve data to UI App. It can be seamlessly integrated with your bash scripts / tools . It is similar to Linux Command tee

"
"
asserfinder abc.com | matthew web -s abc.com -t assetfinder --post

This will continuously post tool output to its appropriate destination in checklist in chunks .We can also get data from UI App (Ex : all-urls ,all-subs etc). To know more visit Matthew

Screenshots

Active subdomains for Sadman
Active subdomains for Sandman
Organization checklist by Sadman
Organization checklist by Sandman
Web app checklist by Sandman
Web app checklist by Sandman

Features

  • CheckList For Each Domain With Progress Tracking.
  • Integrated HTTP Server to Store and Retrieve Data.
  • Consists of Multiple Pages (In Scope, All Subs , Active Urls etc).
  • Cred Page For Storing Credentials.
  • Store and Retrieve Tool Output of Each CheckList Item for each domain and project.
  • Personal Notes / Findings for each Project.
  • Pagination For Storing Large Content.

Installation Instructions

Download Binaries From Releases

Build From Source

  • Install Go
  • Make Sure $GOPATH/bin is added to PATH env Variable
go install github.com/tarunKoyalwar/sandman@latest

You Can Either Install MongoDB Locally or Use MongoDB Atlas Free Instance

Windows and Mac Users. If you face any problems while building visit fyne.

Usage

Open App Using Terminal To View App Logs

sandman

When Installed From Releases . Open App Using Application Menu.

When MongoDB is Installed Locally . Verify that Instace is running.

Upcoming

This is First Release Lot of Planned Content Has Not been Implemented Yet. The Most Important of them Include Following.

"
"
  •  Editable MarkDown Support
  •  Automation
    •  Script Engine
      •  Checkpoints
      •  Multiprocessing
      •  Scheduling
      •  Regex , Pre and Post Processing
      •  Resource Control
    •  Notify Support
  •  Browser Extensions
  •  Android App ( UI redesing Left )
  •  IOS App
  •  Docker + Fyne Terminal
Dark Mode

Sandman (this link opens in a new window) by tarunKoyalwar (this link opens in a new window)

A Target Tracking , NoteTaking , CheckLists and Data Management GUI App for Bug Hunter’s and Pentesters.