BugBountyToolkit – All in One Bug Bounty Tools

To find a bug on a system pentester have to scan all the possible method to found the vulnerability with a lot of tools. All system is basically have some bug inside, but to find that is not easy. Skills and patient is the key to successfully exploit the bug. BugBountyToolkit can help you to make bug hunting more easier, in this tool you can find a lot of tools to perform bug bounty.

Bug Bounty Toolkit

A multiplatform bug bounty toolkit that can be installed on Debian/Ubuntu or setup with Docker.

Why should you use this toolkit?

  • This toolkit offers a multiplatform base to work with as the script can be installed on Linux, setup with Docker or installed on Windows with WSL (Windows Subsystem For Linux).
  • The installer script can be customized to add or remove specific tools based on your requirements.
  • Tools are constantly being added, updated and fixed.
  • Pull once. Update as needed.

Docker Pull & Run Instructions

Docker Hub Link: https://hub.docker.com/r/hackersploit/bugbountytoolkit

docker pull hackersploit/bugbountytoolkit
docker run -it hackersploit/bugbountytoolkit /bin/bash 

Docker Build Instructions

docker build . -t hackersploit/bugbountytoolkit

Installation Instructions – Ubuntu/Debian

git clone https://github.com/AlexisAhmed/BugBountyToolkit.git
cd BugBountyToolkit
chmod +x install.sh

Installed Tools

  •  altdns
  •  amass
  •  bucket_finder
  •  CloudFlair
  •  commix
  •  dirb
  •  dirsearch
  •  dnsenum
  •  dnsrecon
  •  dotdotpwn
  •  fierce
  •  gobuster
  •  joomscan
  •  Knockpy
  •  masscan
  •  massdns
  •  Nikto
  •  Nmap
  •  Recon-ng
  •  s3recon
  •  sqlmap
  •  subfinder
  •  Sublist3r
  •  teh_s3_bucketeers
  •  thc-hydra
  •  theHarvester
  •  tmux
  •  virtual-host-discovery
  •  wafw00f
  •  wfuzz
  •  whatweb
  •  wpscan
  •  XSStrike
  •  zsh


  • SecLists

Tools being added

  •  aquatone
  •  AWSBucketDump
  •  CommonSpeak
  •  gitrob
  •  Lazys3
  •  Sn1per
  •  unfurl

You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *

five + 6 =