This project automates subdomain reconnaissance using BBOT, deployed temporarily on a DigitalOcean VPS using Terraform and Ansible.
- Deploys a DigitalOcean droplet from a snapshot with BBOT pre-installed
- Runs BBOT against one or more target domains
- Saves the output in JSONL format for use with the Elastic Stack
- Tears down the droplet after scan completion
- Clone the repo
- Create a file
terraform.tfvars:
do_token = "your_digitalocean_token"
ssh_fingerprint = "your_ssh_key_fingerprint"- Create a droplet in DigitalOcean. Install BBOT and test to make sure it's working. Ge the snapshot ID and replace it in main.tf image =
Get the snapshot ID Digital Ocean CLI
doctl compute image list-user | grep bbot-base
./run.sh "example.com,test.com" "my-scan-id"
- The first argument is a comma-separated list of target domains.
- The second argument is an identifier used to name the result folder under results/.
BBOT output is saved to:
results//bbot_output.jsonl
- inventory.ini is dynamically created by the script.
- Results are pulled via scp before the droplet is destroyed.
- Make sure your SSH key allows root login on the snapshot.
To clean up all resources (in case of failure or early exit):
terraform destroy -auto-approve