Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
The purpose of learning is growth, and our mind, unlike our body, can continue to grow as long as we continue to live.
(Mortimer J. Adler)
Metasploit is also used a lot for exploits. If you add i will be happy.
#!/bin/bash -i
if [ "$(id -u)" -eq 0 ]; then
echo ""; echo -e "\e[32m\e[1mOK. The script will install the tools.\e[0m\e[39m"; echo "";
else
echo ""; echo -e "\e[91m\e[1mRoot privileges are required\e[0m\e[39m"; echo "";
exit
fi
#Naabu
echo -e "\e[93m\e[1m----> Installing Naabu";
go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest > /dev/null 2>&1 && ln -s ~/go/bin/naabu /usr/local/bin/;
echo -e "\e[32mDone! Naabu installed."; echo "";
sleep 1.5
#Subfinder
echo -e "\e[93m\e[1m----> Installing Subfinder";
go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest > /dev/null 2>&1 && ln -s ~/go/bin/subfinder /usr/local/bin/;
echo -e "\e[32mDone! Subfinder installed."; echo "";
sleep 1.5
#Github-subdomains
echo -e "\e[93m\e[1m----> Installing Github-subdomains";
go install github.com/gwen001/github-subdomains@latest > /dev/null 2>&1 && ln -s ~/go/bin/github-subdomains /usr/local/bin/;
echo -e "\e[32mDone! Github-subdomains installed."; echo "";
sleep 1.5
#Assetfinder
echo -e "\e[93m\e[1m----> Installing Assetfinder";
go install github.com/tomnomnom/assetfinder@latest > /dev/null 2>&1 && ln -s ~/go/bin/assetfinder /usr/local/bin/;
echo -e "\e[32mDone! Assetfinder installed."; echo "";
sleep 1.5
#dnsx
echo -e "\e[93m\e[1m----> Installing Dnsx";
go install github.com/projectdiscovery/dnsx/cmd/dnsx@latest > /dev/null 2>&1 && ln -s ~/go/bin/dnsx /usr/bin/;
echo -e "\e[32mDone! Dnsx installed."; echo "";
sleep 1.5
echo -e "\e[92mDone! Operation Completed\e[0m\e[39m"; echo "";
After i run this command ./Tools-BugBounty-installer.sh , i get this error(: invalid option).
Create an automation script to combine all of them and send notifications if they find vulnerabilties...
#bash ./Tools-BugBounty-installer.sh
./Tools-BugBounty-installer.sh: line 4: $'\r': command not found
./Tools-BugBounty-installer.sh: line 319: syntax error: unexpected end of file
Subdomains enumeration:
Amass
Assetfinder
Crobat
Findomain
Github-subdomains
Subfinder
Sudomy
subdomainizer
sublister
findomain
Subdomain Takeover:
Subover
Autosubtakeover
Tko-subs
Subjack
Cloud Workflow: AWS_Recon
festin
lazys3
s3brute
flumberboozle
slurp
DNS resolver
dnsx
MassDNS
PureDNS
ShuffleDNS
DNSvalidator
Visual Inspection - Screenshots
Aquatone
Gowitness
httpscreenshot
HTTP probe
httprobe
httpx
Web crawler / Content Discovery
Gospider
Hakrawler
ParamSpider
gau
waybackurls
paramspider
GF
GF_Pattern
Photon
Network scanner
Rustscan
Masscan
Naabu
Nmap
Brutespray
HTTP Parameter
Arjun
x8 *
Fuzzing tools
Ffuf
Gobuster
Wfuzz
Gobuster
Dirsearch
Dirb
LFI/RFI tools
LFISuite
Fimap
XPR1M3 / sqli-lfi-xss-rce-dorker-and-auto-exploiter-Python
https://github.com/XPR1M3/sqli-lfi-xss-rce-dorker-and-auto-exploiter-Python-.git
Spring4Shell:
redhuntlabs / Hunt4Spring | https://github.com/redhuntlabs/Hunt4Spring.git
Log4j:
log4jscan for Linux | https://github.com/intezer/log4jscan.git
SSRF tools
SSRFmap
Gopherus
Interactsh
SSTI tools
tplmap *
API hacking tools
Kiterunner + API routes
Wordlists
SecLists
Vulns - XSS
Dalfox
Bxss
XSpear
kxss
XSStrike
Gxss
FinDOM-XSS
X5S
Xenotix XSS Exploit Framework
Vulns - SQL Injection
SQLbit
BSQL hacker
SQLMap
SQLninja
Safe3 SQL injector
SQLSus
Mole
NoSQLMap
SQLmate
ATLAS (WAF Bypass Suggester for SQLmap)
SQLiScanner
AutoSQLi
Bypass-WAF-SQLMAP
KhetaguriDimitri/SQL-Injection
Agressiv1njector/psqli-pro
AngelSecurityTeam/SQLiDumper-AngelSecurityTeam
JohnTroony/Blisqy
quadcoreside/QuadCore-Web-SQLi-Injecter-DB-Dumper
enjoiz/BSQLinjector
lanmaster53/sqli-exploiter
Sqliv
Havij
BBQSQL
Leviathan
WhiteWidow
jSQL Injection
CMS Scanner
WPscan
droopescan
AEM-Hacker
Drupwn
Wig
Vulns - Scanner
Jaeles
Nikto **
Nuclei
JavaScript hunting
LinkFinder
SecretFinder
subjs
GetJS
Find_Web_Technologies
Wappalyzer CLI
Git Hunting / GIT Enum Tools:
GitDorker *
gitGraber *
GitHacker *
GitTools *
Githound
Trufflehog
Gitscanner
Sensitive Stuff Finding
DumpsterDiver *
EarlyBird *
Ripgrep
Useful tools
anew
anti-burl
getallurls
gron
Interlace
jq *
qsreplace
Tmux
unfurl
Uro *
Web Exploitation Frameworks:
Sn1per
Vajra
Jok3r v3 beta
osmedeus
cobra
Arachni
TIDoS Framework
sudomy
Grabber
Vega
Zed Attack Proxy
Wapiti
W3af
WebScarab
Skipfish
Ratproxy
Wfuzz
Grendel-Scan
Watcher
JS Enumeration Tools:
jsscanner
jsparser
linkfinder
Fingerprint & CVE Tools:
nuclei
webtech
waf
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. πππ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google β€οΈ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.
