I am not seeing the long term, what is the value of this over a Shodan API key? They both crawl public IPs and explore subdomains for exposed resources.
Short term, if you have limited the view to companies only with bug bounty programs, it seems useful if you want to complete a bug bounty but don't know where to start. But the mapping of public resources has already been done.
I think showing URLs with sensitive params exposed, services using default creds, or some extra value add over a commodity scanner would be valuable. But then you would just be running a bug bounty/ pentesting AI service for bigger enterprises.
Great feedback! I have some of these questions myself, which makes me think about where I'd like to take neobotnet. The URL data needs to be more refined and provide actionable insights to security teams and devs so they can take appropriate actions with the data. There's more to explore within this data, such as JS and API reconnaissance as also possible client side issues. I'm looking to gather user feedback to polish the tool. Thanks for the comment.
Short term, if you have limited the view to companies only with bug bounty programs, it seems useful if you want to complete a bug bounty but don't know where to start. But the mapping of public resources has already been done.
I think showing URLs with sensitive params exposed, services using default creds, or some extra value add over a commodity scanner would be valuable. But then you would just be running a bug bounty/ pentesting AI service for bigger enterprises.