Fast AEM scope gathering tool for all your public and private Bugcrowd Programs

Install • Usage • Examples • Join Discord

---

If you love to test for Adobe Experience Manager Vulnerabilities well, I'm proud to announce BCAEM (Bugcrowd AEM) is a tool that will gathering all Adobe Experience Manager programs from your public or private programs.

Installation

Make sure you've a recent version of the Go compiler installed on your system. Then just run:

GO111MODULE=on go get -u github.com/ethicalhackingplayground/bcaem

Usage

▶ bcaem bc -t <session-token> <other-flags>

How to get the session token:

• Bugcrowd: login, then grab the _crowdcontrol_session cookie

Remember that you can use the --help flag to get a description for all flags.

Examples

Below you'll find some example commands.

Print all in-scope AEM targets from bugcrowd

▶ bcaem bc -t <YOUR_TOKEN> -b 

The output will look like this:

app.example.com
*.user.example.com
*.demo.com
www.something.com

Print all in-scope aem targets from all your private Bugcrowd programs that offer rewards

▶ bcaem bc -t <YOUR_TOKEN> -b -p

License

bcaem is distributed under Apache-2.0 License