/tools-pentest-bugbounty

tool kit when going pentest, bugbounty

Primary LanguageShell

Tools-payloads-pentest-webapp ver1.2

A tools kit of Burpsuite Intruder payloads, fuzz lists and scans, audit tools during the pentest webapp and bugbounty process. To pull down all 3rd party repos, run install.sh with root command in the same directory of tools-pentest-bugbounty directory.

Installation

This install is running on MACOS. Change default package manager on top in #env of the install file and run it.

git clone https://github.com/noobpk/tools-pentest-bugbounty.git
cd tools-pentest-bugbounty
./install.sh

Tools - Payload in Repo

  • Namp.
  • PayloadsAllTheThings.
  • wfuzz.
  • fuzzdb.
  • big-list-of-naughty-strings.
  • payloads.
  • RobotsDisallowed.
  • SecLists.
  • wpscan.
  • XSStrike.
  • sqlmap.
  • WhatWaf.
  • subbrute.
  • nikto.
  • sparty.
  • LiferayScan.
  • CORScanner.
  • testssl.
  • JS Scanner.
  • LinkFinder.
  • Dirble.
  • Recsech.
  • BlackWidow.

Read this post :

https://medium.com/@lethanhphuc.pk/what-tools-kit-to-bring-when-you-went-to-pentest-webapp-6aa41a65a361