├── _config.yml ├── README.md ├── Dockerfile └── install.sh /_config.yml: -------------------------------------------------------------------------------- 1 | theme: jekyll-theme-slate -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | 2 | # Bug Bounty Toolkit 3 | A multiplatform bug bounty toolkit that can be installed on Debian/Ubuntu or set up with Docker. 4 | 5 | ## Why should you use this toolkit? 6 | - This toolkit is multiplatform: the installer script can also be run on Windows through WSL (Windows Subsystem for Linux). 7 | - The installer script can be customized to install or remove specific tools. 8 | 9 | ## Installation Instructions - Ubuntu/Debian 10 | ``` 11 | git clone https://github.com/AlexisAhmed/BugBountyToolkit.git 12 | cd BugBountyToolkit 13 | chmod +x install.sh 14 | ./install.sh 15 | ``` 16 | ## Docker Pull & Run Instructions 17 | Docker Hub Link: https://hub.docker.com/r/hackersploit/bugbountytoolkit 18 | 19 | ``` 20 | docker pull hackersploit/bugbountytoolkit 21 | docker run -it hackersploit/bugbountytoolkit /bin/bash 22 | ``` 23 | [![asciicast](https://asciinema.org/a/sMorBlA5yzTIwfdiWzdRR3yEh.svg)](https://asciinema.org/a/sMorBlA5yzTIwfdiWzdRR3yEh) 24 | 25 | ## Docker Build Instructions 26 | ``` 27 | docker build . 
-t hackersploit/bugbountytoolkit 28 | ``` 29 | 30 | # Installed Tools 31 | - Nmap 32 | - masscan 33 | - dnsenum 34 | - dnsrecon 35 | - massdns 36 | - altdns 37 | - Knockpy 38 | - Sublist3r 39 | - dirb 40 | - teh_s3_bucketeers 41 | - virtual-host-discovery 42 | - Recon-ng 43 | - sqlmap 44 | - Nikto 45 | - wfuzz 46 | - wafw00f 47 | - wpscan 48 | - joomscan 49 | - commix 50 | - XSStrike 51 | - thc-hydra 52 | - w3af 53 | 54 | ## Wordlists 55 | - SecLists 56 | 57 | # Tools being added 58 | - aquatone 59 | - gobuster 60 | - bucket_finder 61 | - AWSBucketDump 62 | - Sn1per 63 | - CloudFlair 64 | 65 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:18.04 2 | 3 | MAINTAINER alexis@hsploit.com 4 | 5 | # Environment Variables 6 | ENV HOME /root 7 | 8 | # Working Directory 9 | WORKDIR /root 10 | RUN mkdir ~/toolkit && \ 11 | mkdir ~/wordlists 12 | 13 | # tzdata 14 | 15 | RUN ln -fs /usr/share/zoneinfo/America/New_York /etc/localtime && \ 16 | export DEBIAN_FRONTEND=noninteractive && \ 17 | apt-get update && \ 18 | apt-get install -y tzdata && \ 19 | dpkg-reconfigure --frontend noninteractive tzdata 20 | 21 | 22 | 23 | # Essentials 24 | RUN apt-get update && \ 25 | apt-get install -y build-essential && \ 26 | apt-get install -y gcc && \ 27 | apt-get install -y git && \ 28 | apt-get install -y vim && \ 29 | apt-get install -y wget && \ 30 | apt-get install -y awscli && \ 31 | apt-get install -y curl && \ 32 | apt-get install -y make && \ 33 | #apt-get install -y xargs && \ 34 | #apt-get install -y jq && \ 35 | #apt-get install -y ruby-full && \ 36 | apt-get install -y nmap && \ 37 | apt-get install -y whois && \ 38 | apt-get install -y python3 && \ 39 | apt-get install -y python-pip && \ 40 | apt-get install -y perl && \ 41 | apt-get install -y nikto && \ 42 | apt-get install -y dnsutils && \ 43 | apt-get install -y net-tools 44 | 45 | 
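# NOTE(review): every tool below is cloned from its upstream default branch and
# installed with unpinned pip/gem/cpanm dependencies, so each build runs
# whatever those sources serve at build time. Pinning each clone to a reviewed
# tag or commit makes the image reproducible and narrows supply-chain exposure.
# The apt-get install calls in these layers rely on the package index fetched
# by the earlier `apt-get update` layer; a cached copy of that layer can leave
# them working from a stale index.
# The ubuntu:18.04 base and the Python 2 `pip`/`python` used here are past
# their standard support windows; plan a base-image upgrade.

# sqlmap
RUN apt-get install -y sqlmap

# dirb
RUN apt-get install -y dirb

# dnsenum
RUN apt-get install -y cpanminus && \
    cd ~/toolkit && \
    git clone https://github.com/fwaeytens/dnsenum.git && \
    cd dnsenum/ && \
    chmod +x dnsenum.pl && \
    ln -s ~/toolkit/dnsenum/dnsenum.pl /usr/bin/dnsenum && \
    cpanm String::Random && \
    cpanm Net::IP && \
    cpanm Net::DNS && \
    cpanm Net::Netmask && \
    cpanm XML::Writer

# Sublist3r
RUN cd ~/toolkit && \
    git clone https://github.com/aboul3la/Sublist3r.git && \
    cd Sublist3r/ && \
    pip install -r requirements.txt && \
    ln -s ~/toolkit/Sublist3r/sublist3r.py /usr/local/bin/sublist3r

# wfuzz
RUN pip install --upgrade setuptools && \
    apt-get install -y python-pycurl && \
    pip install wfuzz

# seclists
RUN cd ~/wordlists && \
    git clone --depth 1 https://github.com/danielmiessler/SecLists.git

# knock
RUN apt-get install -y python-dnspython && \
    cd ~/toolkit && \
    git clone https://github.com/guelfoweb/knock.git && \
    cd knock && \
    chmod +x setup.py && \
    python setup.py install

# massdns
RUN apt-get install -y libldns-dev && \
    cd ~/toolkit && \
    git clone https://github.com/blechschmidt/massdns.git && \
    cd massdns/ && \
    make && \
    ln -sf ~/toolkit/massdns/bin/massdns /usr/local/bin/massdns

# wafw00f
RUN cd ~/toolkit && \
    git clone https://github.com/enablesecurity/wafw00f.git && \
    cd wafw00f && \
    chmod +x setup.py && \
    python setup.py install

# wpscan
RUN apt-get install -y libcurl4-openssl-dev libxml2 libxml2-dev libxslt1-dev ruby-dev libgmp-dev zlib1g-dev && \
    cd ~/toolkit && \
    git clone https://github.com/wpscanteam/wpscan.git && \
    cd wpscan/ && \
    gem install bundler && bundle install --without test && \
    gem install wpscan

# joomscan
# The symlink is commented out, so joomscan is only reachable as
# ~/toolkit/joomscan/joomscan.pl.
RUN cd ~/toolkit && \
    git clone https://github.com/rezasp/joomscan.git && \
    cd joomscan/ && \
    apt-get install -y libwww-perl && \
    chmod +x joomscan.pl
#ln -sf ~/toolkit/joomscan/joomscan.pl /usr/local/bin/joomscan


# commix
RUN cd ~/toolkit && \
    git clone https://github.com/commixproject/commix.git && \
    cd commix && \
    chmod +x commix.py && \
    ln -sf ~/toolkit/commix/commix.py /usr/local/bin/commix


# masscan
RUN cd ~/toolkit && \
    apt-get install -y libpcap-dev && \
    git clone https://github.com/robertdavidgraham/masscan.git && \
    cd masscan && \
    make && \
    ln -sf ~/toolkit/masscan/bin/masscan /usr/local/bin/masscan

# altdns
RUN cd ~/toolkit && \
    git clone https://github.com/infosec-au/altdns.git && \
    cd altdns && \
    pip install -r requirements.txt && \
    chmod +x setup.py && \
    python setup.py install

# teh_s3_bucketeers
RUN cd ~/toolkit && \
    git clone https://github.com/tomdev/teh_s3_bucketeers.git && \
    cd teh_s3_bucketeers && \
    chmod +x bucketeer.sh && \
    ln -sf ~/toolkit/teh_s3_bucketeers/bucketeer.sh /usr/local/bin/bucketeer

# Recon-ng
RUN cd ~/toolkit && \
    git clone https://github.com/lanmaster53/recon-ng.git && \
    cd recon-ng && \
    apt-get install -y python3-pip && \
    pip3 install -r REQUIREMENTS && \
    chmod +x recon-ng && \
    ln -sf ~/toolkit/recon-ng/recon-ng /usr/local/bin/recon-ng

# XSStrike
RUN cd ~/toolkit && \
    git clone https://github.com/s0md3v/XSStrike.git && \
    cd XSStrike && \
    apt-get install -y python3-pip && \
    pip3 install -r requirements.txt && \
    chmod +x xsstrike.py && \
    ln -sf ~/toolkit/XSStrike/xsstrike.py /usr/local/bin/xsstrike

# virtual-host-discovery
RUN cd ~/toolkit && \
    git clone https://github.com/jobertabma/virtual-host-discovery.git && \
    cd virtual-host-discovery && \
    chmod +x scan.rb && \
    ln -sf ~/toolkit/virtual-host-discovery/scan.rb /usr/local/bin/virtual-host-discovery

# go
# `export` inside a RUN only lives for that layer's shell, so the Go paths were
# lost as soon as the layer finished. ENV persists them into later layers and
# into the running container. Each variable gets its own ENV line because a
# value cannot reference a variable set in the same instruction.
ENV GOROOT=/usr/local/go
ENV GOPATH=$HOME/go
ENV PATH=$GOPATH/bin:$GOROOT/bin:$PATH
# NOTE(review): the tarball is extracted without an integrity check. Compare it
# against the SHA-256 published for this release before unpacking, e.g.
#   echo "<SHA256_FROM_GO_DOWNLOAD_PAGE>  go1.13.3.linux-amd64.tar.gz" | sha256sum -c -
# go1.13.3 is also an old release; confirm it is still the intended version.
RUN cd /opt && \
    wget https://dl.google.com/go/go1.13.3.linux-amd64.tar.gz && \
    tar -xvf go1.13.3.linux-amd64.tar.gz && \
    mv go /usr/local


--------------------------------------------------------------------------------
/install.sh:
--------------------------------------------------------------------------------
#!/bin/bash
#
# Bug Bounty Toolkit installer for Debian/Ubuntu.
# Installs packages with apt-get, clones each tool into ~/toolkit and symlinks
# its entry point into /usr/local/bin or /usr/bin.
#
# NOTE(review): the clones track each upstream default branch and several
# sections run the fetched code's own installer (pip install -r,
# python setup.py install) with the privileges of this script. Review or pin
# the sources before running this on a machine you care about.
# `cd` results are not checked in the tool sections: if a clone fails, the
# commands that follow run in the previous directory.

# Named RED, but 0;32 is the ANSI code for green.
RED='\033[0;32m'
NC='\033[0m'

echo -e "${RED}[*] Bug Bounty Toolkit Installer${NC}"

# apt-get and the symlinks into /usr/bin and /usr/local/bin need root; stop
# early instead of failing tool by tool.
if [ "$(id -u)" -ne 0 ]; then
    echo "[!] This installer must be run as root (e.g. with sudo)." >&2
    exit 1
fi

echo -e "${RED}[*] Setting Up Directories${NC}"

# Quote $HOME and use -p so a re-run does not fail on existing directories.
cd "$HOME" || exit 1
mkdir -p "$HOME/toolkit/wordlists"

echo -e "${RED}[*] Installing Essentials${NC}"
apt-get update
apt-get install -y build-essential
apt-get install -y gcc
apt-get install -y git
apt-get install -y vim
apt-get install -y wget
apt-get install -y curl
apt-get install -y awscli
apt-get install -y inetutils-ping
apt-get install -y make
apt-get install -y nmap
apt-get install -y whois
apt-get install -y python3
apt-get install -y python-pip
apt-get install -y perl
apt-get install -y nikto
apt-get install -y dnsutils
apt-get install -y net-tools
echo -e "${RED}[*] Essentials installed${NC}"


# Nmap
echo -e "${RED}[*] Installing Nmap${NC}"
apt-get install -y nmap

# masscan
echo -e "${RED}[*] Installing masscan${NC}"
cd ~/toolkit
apt-get install -y libpcap-dev
git clone https://github.com/robertdavidgraham/masscan.git
cd masscan
make
ln -sf ~/toolkit/masscan/bin/masscan /usr/local/bin/masscan

# dnsenum
echo -e "${RED}[*] Installing dnsenum${NC}"
apt-get install -y cpanminus
cd ~/toolkit
git clone https://github.com/fwaeytens/dnsenum.git
cd dnsenum/
chmod +x dnsenum.pl
# -f matches the other tools and keeps a re-run from failing on an existing link.
ln -sf ~/toolkit/dnsenum/dnsenum.pl /usr/bin/dnsenum
cpanm String::Random
cpanm Net::IP
cpanm Net::DNS
cpanm Net::Netmask
cpanm XML::Writer

# massdns
echo -e "${RED}[*] Installing massdns${NC}"
apt-get install -y libldns-dev
cd ~/toolkit
git clone https://github.com/blechschmidt/massdns.git
cd massdns/
make
ln -sf ~/toolkit/massdns/bin/massdns /usr/local/bin/massdns

# altdns
echo -e "${RED}[*] Installing altdns${NC}"
cd ~/toolkit
git clone https://github.com/infosec-au/altdns.git
cd altdns
pip install -r requirements.txt
chmod +x setup.py
python setup.py install

# thc-hydra
echo -e "${RED}[*] Installing thc-hydra${NC}"
apt-get install -y hydra

# Sublist3r
echo -e "${RED}[*] Installing Sublist3r${NC}"
cd ~/toolkit
git clone https://github.com/aboul3la/Sublist3r.git
cd Sublist3r/
pip install -r requirements.txt
# -f matches the other tools and keeps a re-run from failing on an existing link.
ln -sf ~/toolkit/Sublist3r/sublist3r.py /usr/local/bin/sublist3r

# knock
echo -e "${RED}[*] Installing Knockpy${NC}"
apt-get install -y python-dnspython
cd ~/toolkit
git clone https://github.com/guelfoweb/knock.git
cd knock
chmod +x setup.py
python setup.py install

# dirb
echo -e "${RED}[*] Installing dirb${NC}"
apt-get install -y dirb

# teh_s3_bucketeers
echo -e "${RED}[*] Installing teh_s3_bucketeers${NC}"
cd ~/toolkit
git clone https://github.com/tomdev/teh_s3_bucketeers.git
cd teh_s3_bucketeers
chmod +x bucketeer.sh
ln -sf ~/toolkit/teh_s3_bucketeers/bucketeer.sh /usr/local/bin/bucketeer
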
# Recon-ng 114 | echo -e "${RED}[*] Installing Recon-ng${NC}" 115 | cd ~/toolkit 116 | git clone https://github.com/lanmaster53/recon-ng.git 117 | cd recon-ng 118 | apt-get install -y python3-pip 119 | pip3 install -r REQUIREMENTS 120 | chmod +x recon-ng 121 | ln -sf ~/toolkit/recon-ng/recon-ng /usr/local/bin/recon-ng 122 | 123 | # XSStrike 124 | echo -e "${RED}[*] Installing XSStrike${NC}" 125 | cd ~/toolkit 126 | git clone https://github.com/s0md3v/XSStrike.git 127 | cd XSStrike 128 | apt-get install -y python3-pip 129 | pip3 install -r requirements.txt 130 | chmod +x xsstrike.py 131 | ln -sf ~/toolkit/XSStrike/xsstrike.py /usr/local/bin/xsstrike 132 | 133 | # sqlmap 134 | echo -e "${RED}[*] Installing sqlmap${NC}" 135 | apt-get install -y sqlmap 136 | 137 | # wfuzz 138 | echo -e "${RED}[*] Installing wfuzz${NC}" 139 | pip install --upgrade setuptools 140 | apt-get install -y python-pycurl 141 | pip install wfuzz 142 | 143 | # wafw00f 144 | echo -e "${RED}[*] Installing wafw00f${NC}" 145 | cd ~/toolkit 146 | git clone https://github.com/enablesecurity/wafw00f.git 147 | cd wafw00f 148 | chmod +x setup.py 149 | python setup.py install 150 | 151 | # wpscan 152 | echo -e "${RED}[*] Installing wpscan${NC}" 153 | apt-get install -y libcurl4-openssl-dev libxml2 libxml2-dev libxslt1-dev ruby-dev libgmp-dev zlib1g-dev 154 | cd ~/toolkit 155 | git clone https://github.com/wpscanteam/wpscan.git 156 | cd wpscan/ 157 | gem install bundler && bundle install --without test 158 | gem install wpscan 159 | 160 | # joomscan 161 | echo -e "${RED}[*] Installing joomscan${NC}" 162 | cd ~/toolkit 163 | git clone https://github.com/rezasp/joomscan.git 164 | cd joomscan/ 165 | apt-get install -y libwww-perl 166 | chmod +x joomscan.pl 167 | #ln -sf ~/toolkit/joomscan/joomscan.pl /usr/local/bin/joomscan 168 | 169 | # commix 170 | echo -e "${RED}[*] Installing commix${NC}" 171 | cd ~/toolkit 172 | git clone https://github.com/commixproject/commix.git 173 | cd commix 174 | chmod +x commix.py 
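# commix: expose the cloned script on PATH.
ln -sf ~/toolkit/commix/commix.py /usr/local/bin/commix

# w3af
echo -e "${RED}[*] Installing w3af${NC}"
cd ~/toolkit
git clone https://github.com/andresriancho/w3af.git
cd w3af
# First run of the console; presumably this is what writes
# /tmp/w3af_dependency_install.sh when dependencies are missing (confirm
# against w3af's documentation).
./w3af_console
apt-get install -y npm
cd /tmp
# /tmp is world-writable, so a file with this name could have been placed there
# by another local user. Only execute it when it is a regular file, not a
# symlink, and owned by the user running this installer.
if [ -f w3af_dependency_install.sh ] && [ ! -L w3af_dependency_install.sh ] && [ -O w3af_dependency_install.sh ]; then
    ./w3af_dependency_install.sh
else
    echo -e "${RED}[!] Skipping /tmp/w3af_dependency_install.sh: missing, a symlink, or not owned by the current user${NC}"
fi
ln -sf ~/toolkit/w3af/w3af_console /usr/local/bin/w3af

# dnsrecon
echo -e "${RED}[*] Installing dnsrecon${NC}"
apt-get install -y dnsrecon

# virtual-host-discovery
# Progress banner added for consistency with the other tool sections.
echo -e "${RED}[*] Installing virtual-host-discovery${NC}"
cd ~/toolkit
git clone https://github.com/jobertabma/virtual-host-discovery.git
cd virtual-host-discovery
chmod +x scan.rb
ln -sf ~/toolkit/virtual-host-discovery/scan.rb /usr/local/bin/virtual-host-discovery

# SecLists (optional, asks for a single-key confirmation)
read -p "Do you want to download SecLists? y/n " -n 1 -r
echo    # move to a new line after the single-character reply
if [[ $REPLY =~ ^[Yy]$ ]]
then
    echo -e "${RED}[*] Downloading SecLists${NC}"
    cd ~/toolkit/wordlists
    git clone --depth 1 https://github.com/danielmiessler/SecLists.git
fi

# Cleanup
echo -e "${RED}[*] Tidying up${NC}"
apt-get clean

echo -e "${RED}[*] Installation Complete! ${NC}"
# $HOME is kept inside the quotes so it is not word-split, and the first line
# now resets the colour like the others.
echo -e "${RED}[*] Your tools have been installed in: ${HOME}/toolkit${NC}"
echo -e "${RED}[*] Your wordlists have been saved in: ${HOME}/toolkit/wordlists${NC}"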