Basic Recon For Bug Bounty Hunters - "HuntTheBug" Is A Set Of Basic Scripts For Subdomain Enumeration > Live Domain Enumeration > Subdomain Hijack > URL + JavaScript Scan > Directory Brute Forcing > Open Port Check, With Telegram Bot Notification
Installation Process >
Note: This Was Tested On Kali Linux. You Must Install As Root User In Your Root User Home Folder - /root/.
System Requirement > 2 Core CPU + 4 GB RAM
We Tested It On 1 GB RAM + 1 Core CPU And The System Crashed.
apt install zsh git -y
cd ~
git clone https://github.com/vikrantbatra05/HuntTheBug
cd ~/HuntTheBug
chmod +x *.zsh
./install.zsh
- Configure Amass + Subfinder For More Subdomains
How To Configure The Amass Config File >
How To Configure The Subfinder Config File >
https://dhiyaneshgeek.github.io/bug/bounty/2020/02/06/recon-with-me/
nano ~/HuntTheBug/config/amass-config.ini
nano ~/HuntTheBug/config/subfinder-config.yaml
- Configure Telegram Bot + Findomain + GitHub Token In conf.zsh
How To Configure The Telegram Bot >
https://stackoverflow.com/questions/32423837/telegram-bot-how-to-get-a-group-chat-id
https://sean-bradley.medium.com/get-telegram-chat-id-80b575520659
How To Get A GitHub Token >
nano ~/HuntTheBug/conf.zsh
If You Are A Bug Bounty Hunter, Use This App For
- Medium Scope Program - Example > *.target.com
./recon.zsh target.com
- Small Scope Program - Example > app.target.com or target.com
./dom_hunt.zsh app.target.com
./dom_hunt.zsh target.com
- Reverse Domain Lookup For Organization - Example > Google
./org_hunt.zsh org_name
- 403 Bypass Check
./403_hunt.zsh https://target.com
- sub_hunt.zsh
> Find Subdomains From > Amass + Subfinder + Sublist3r + Crobat + Assetfinder + Findomain + github-subdomains + Subscraper
> Check Live Subdomains From > HTTPX And Httprobe
> Get 202 And 403 Subdomains With > Hakcheckurl
- sub_jack.zsh
> Subdomain Takeover Check With > SubJack + Nuclei
- url_hunt.zsh
> Grab URLs From GAU + WaybackURLS
> Check Live URLS With FFUF
> Grab All URLs With Parameters With ParamSpider
> JavaScript Hunting: Grab All JS Files And Find Secrets With > SecretFinder + JSFinder
- dir_hunt.zsh
> Directory Fuzzing With - Dirsearch
- port_hunt.zsh
> Find All Open Ports With > Naabu
- nuclei_hunt.zsh
> Check All Known Vulnerabilities With Nuclei
> Grab All URLs From GAU + WaybackURLS > Clean URLs > Check Live URLs
> Find Secrets With > GF Tool
> URL Parameters With > ParamSpider
> Grab All JS And Check Live
> Find URL - SUB - VAR In JS With JSFinder + jsvar.sh
> Find Secrets From JS Files With > SecretFinder
> Directory Brute Forcing With > Dirsearch
> Check All Known Vulnerabilities With Nuclei
> Grab All Reverse Domains With > knockknock
> Check Live Domains With > HTTPX
> Get Domain IP Info With > ipinfo
Final Thought: If You Like This Script And Want To Contribute And Make It Better, Contact Me On Twitter - My ID: @Vikrant_infosec
- byp4xx - https://github.com/lobuhi/byp4xx
- 403bypasser - https://github.com/yunemse48/403bypasser
- bypass-403 - https://github.com/iamj0ker/bypass-403
- dirsearch - https://github.com/maurosoria/dirsearch
- gau - https://github.com/lc/gau
- waybackurls - https://github.com/tomnomnom/waybackurls
- ffuf - https://github.com/ffuf/ffuf
- gf - https://github.com/tomnomnom/gf
- Gf-Patterns - https://github.com/1ndianl33t/Gf-Patterns
- ParamSpider - https://github.com/devanshbatham/ParamSpider
- qsreplace - https://github.com/tomnomnom/qsreplace
- httpx - https://github.com/projectdiscovery/httpx
- JSFinder - https://github.com/Threezh1/JSFinder
- jsvar.sh - https://gist.githubusercontent.com/KathanP19/d2cda2f99c0b60d64b76ee6039b37e47/raw/eb105a4de06502b2732df9d682c61189c3703685/jsvar.sh
- SecretFinder - https://github.com/m4ll0k/SecretFinder
- nuclei - https://github.com/projectdiscovery/nuclei
- ipinfo - https://github.com/ipinfo/cli
- knockknock - https://github.com/harleo/knockknock
- naabu - https://github.com/projectdiscovery/naabu
- Amass - https://github.com/OWASP/Amass
- subfinder - https://github.com/projectdiscovery/subfinder
- Sublist3r - https://github.com/aboul3la/Sublist3r
- SonarSearch - https://github.com/Cgboal/SonarSearch
- assetfinder - https://github.com/tomnomnom/assetfinder
- Findomain - https://github.com/Findomain/Findomain
- github-subdomains - https://github.com/gwen001/github-subdomains
- subscraper - https://github.com/m8r0wn/subscraper
- httprobe - https://github.com/tomnomnom/httprobe
- hakcheckurl - https://github.com/hakluke/hakcheckurl
- subjack - https://github.com/haccer/subjack
zsh curl wget command-not-found git htop ncdu glances exa zsh-autosuggestions zsh-syntax-highlighting python-is-python3 python3-pip parallel at tree cron golang-go amass subfinder sublist3r ffuf dirsearch naabu figlet
Thanks To All Open Source Tool Makers 🙏🙏🙏🙏