New Scope Tutorial
Let's see how to configure and launch a scope inside :
The first step is naming the new scope:
The name cannot contain special characters.
The second step is indicating the assets of the scope: Domains, Subdomains, Emails, IPs, Ranges and Webs.
For more information about HM's discovery capabilities, take a look at this page:
If you don't know what "dorks" are, we recommend reading this page before continuing:
To check dorks, you must indicate the GCSE ID where the dorks will be searched.
The following options are available in this category:
Don't use GCSE: Dorks won't be searched
Use main categories: Main dorks will be searched
Use all categories: Search all dorks
HACKERMATE also allows configuring how it's going to behave when an asset (from the initial scope or HM's discovery capabilities) is found:
Limit IPs: This setting indicates whether HM scans IPs that are discovered by the scan but are not included in the original scope.
e.g. an IP related to a subdomain discovered by the scan
Avoid CDNs IPs: This setting indicates whether HM scans IPs related to a CDN.
e.g. an IP of a Cloudflare machine pointed to by a subdomain of the scope.
TCP Scan: This setting indicates whether HM launches a TCP scan over the IPs.
UDP Scan: This setting indicates whether HM launches a UDP scan over the IPs.
Vulnerability Assessment: This setting indicates whether HM performs an active vulnerability assessment over the new IP.
Brute-Force: This setting indicates whether HM performs brute-force attacks over network services discovered by the scan.
e.g. if an SSH service is discovered, and this setting is enabled, HM will launch a Brute-Force attack using credentials frequently used for SSH.
Limit Webs: This setting indicates whether HM scans Webs that are newly discovered by the scan and aren't set in the scope.
e.g. If a web of a subdomain is discovered, and this setting is enabled, HM will scan the web.
Only Passive over New Webs: This setting indicates whether HM launches only "passive" modules over webs that are discovered by the scan and are not set in the scope. In this scenario, passive means that only well-behaved tools will be launched.
e.g. If a web of a subdomain is discovered, and this setting is enabled, HM will launch only "passive" web analysis.
Once you have configured your scope, proceed to the cost estimation. An estimation of the cost of the scope will be displayed. The estimation will look similar to this one:
If you agree with the cost estimation, select your payment method, and proceed to payment. After paying, the scope will be automatically launched.
Finally, before launching the scope you need to agree with the and explicitly indicate that you are allowed to launch the analysis over the indicated assets: