There are plenty of services currently providing system-endpoint monitoring, and uptime
Varanid.io builds upon this model by monitoring not only uptime,
You will get a notification upon changes.
Notifications are getting displayed on your own dashboard, but can also be send via Slack,
Mail or to a custom webhook.
The dashboard has multiple great features.
Ranging from GitHub sign up and sign in integration
to viewing all your alerts on a timeline.
When an alert get generated,
it will by default always get added to your dashboard.
Next to having the alerts on your dashboard,
they can also be send out via email,
slack and/or a custom provided webhook.
Monitor a given URL for changes. For example a JS file or a feed.
Monitor SSL certificates for over 20 properties.
Monitor the TTFB for changes over a given margin.
Monitor the response headers. For example if one changes or gets added/deleted.
Monitor the status code of a URL/page.
Monitor the title of the page for any changes.
I use Varanid.io to monitor changes on bug bounty programs to be notified when changes happen on their web assets. This enables me to keep an overview of how things change and allows me to be the first to target updated assets before other bug bounty hunters notice.
I'm using Varanid to monitor interesting assets, mostly security related, but it can be used for anything. Varanid is also cheaper than any alternatives I've found online and offers a lot more features. A must-have for any Infosec professional or company looking to actively protect their online infrastructure.
I use varanid to monitor endpoints so I get notified when auth is not required anymore or JS files show new endpoints. This allows me to focus on vulnerabilities and let automation flow.
I highly recommend varanid.io for all your bug bounty needs. It can alert you whenever there is a change in any of the assets being monitored allowing you to stay ahead of the game.
Varanid offers a great variety of options, with a very intuitive interface. Definitely recommend.
The dashboard is designed with mobility in mind. Every page still looks as good on a mobile phone as it would on a monitor. The alerts that are being send via mail and slack are also mobile friendly :)
Custom request options are options like the request method, headers, data, but also skipping SSL certificate verification and setting the max time-out and amount of redirects to follow, or to not follow redirects at all. These options make it possible to also monitor endpoints which are only available with for example POST or PUT requests. Or an API which requires the API key to be in a header.
When a check fails because for example the remote server failed to respond in time, then it will be tried again. The amount of retries differs per subscription and is determined by the 'ReDo amount' propery in your plan quota.
Yes! There is an option for every user to share an alert with others. Just use the switch on the bottom right of the alert info page to toggle the visibility of the alert. Then use the link supplied below the switch, to share it. Everyone with this link can view the alert. Upon switching it from public to private, the public alert page will return a 404 page immediately.
Our prices are based on the costs to keep this service running. The time it took to develop, and the prices of similar services. We believe our prices are fairly reasonable and are below the average of similar services.
A custom webhook allows you to receive the alerts in real time on your own preferred way. When an alert gets generated and the notification option 'custom webhook' was chosen, then the alert data will be POSTed to the given custom webhook URL. This way, you can integrate Varanid.io into custom scripts, tooling and much more. You can read more here
Yes! but... unfortunately it's not live yet. Please monitor our twitter upcoming weeks for more info.