To find a bug on a system pentester have to scan all the possible method to found the vulnerability with a lot of tools. All system is basically have some bug inside, but to find that is not easy. Skills and patient is the key to successfully exploit the bug. BugBountyToolkit can help you to make bug hunting more easier, in this tool you can find a lot of tools to perform bug bounty.
Bug Bounty Toolkit
A multiplatform bug bounty toolkit that can be installed on Debian/Ubuntu or setup with Docker.
Why should you use this toolkit?
- This toolkit offers a multiplatform base to work with as the script can be installed on Linux, setup with Docker or installed on Windows with WSL (Windows Subsystem For Linux).
- The installer script can be customized to add or remove specific tools based on your requirements.
- Tools are constantly being added, updated and fixed.
- Pull once. Update as needed.
Docker Pull & Run Instructions
Docker Hub Link: https://hub.docker.com/r/hackersploit/bugbountytoolkit
docker pull hackersploit/bugbountytoolkit docker run -it hackersploit/bugbountytoolkit /bin/bash
Docker Build Instructions
docker build . -t hackersploit/bugbountytoolkit
Installation Instructions – Ubuntu/Debian
git clone https://github.com/AlexisAhmed/BugBountyToolkit.git
cd BugBountyToolkit
chmod +x install.sh
./install.sh
Installed Tools
- altdns
- amass
- bucket_finder
- CloudFlair
- commix
- dirb
- dirsearch
- dnsenum
- dnsrecon
- dotdotpwn
- fierce
- gobuster
- joomscan
- Knockpy
- masscan
- massdns
- Nikto
- Nmap
- Recon-ng
- s3recon
- sqlmap
- subfinder
- Sublist3r
- teh_s3_bucketeers
- thc-hydra
- theHarvester
- tmux
- virtual-host-discovery
- wafw00f
- wfuzz
- whatweb
- wpscan
- XSStrike
- zsh
Wordlists
- SecLists
Tools being added
- aquatone
- AWSBucketDump
- CommonSpeak
- gitrob
- Lazys3
- Sn1per
- unfurl