/bughunter

Tools for BugHunting

Primary LanguagePythonMIT LicenseMIT

Bug Hunter Menu :

  • Information Gathering
  • Mapping
  • Discovery
  • Exploitation
  • PoCs & Reporting

Information Gathering :

  • Basic Commands for Information Gathering
  • Masscan - TCP Port Scanner
  • DNS Recon - DNS Enumeration
  • Sublist3r - Find Subdomains
  • Alt-DNS - Subdomain Discovery
  • Amass - In-Depth DNS Enumeration
  • Subfinder - Subdomain Discovery Tool
  • Enumall - Setup Script for Regon-NG
  • Aquatone - Reconnaissance on Domain Names
  • Cloudflare_Enum - Cloudflare DNS Enumeration
  • InfoG - Information Gathering Tool
  • The Harvester - E-mail, SubDomain, Ports etc.
  • Recon-NG - Web Reconnaissance Framework
  • SetoolKit - Social Engineering Toolkit
  • WhatWeb - Next Generation Web Scanner
  • Maltego - Interactive Data Mining Tool

Mapping :

  • Nmap - IP's, Open Ports and Much More
  • Firefox - Web Browser
  • Firefox Browser Extensions
  • Burp Suite Pro
  • Burp Suite Extensions
  • Intruder Payloads for Burp Suite
  • Payloads All The Thing

Discovery :

  • Acunetix-WVS
  • Arachni
  • Burp Suite
  • Nexpose
  • Nikto
  • Vega
  • Wapiti
  • Web Security Scanner
  • Websecurify Suite
  • Joomscan
  • w3af
  • Zed Attack Proxy
  • WP-Scan
  • FuzzDB
  • CeWL

Exploitation :

XSS :

  • XSS Radar
  • XSSHunter
  • xssHunter Client
  • DOMxssScanner
  • XSSer
  • BruteXSS
  • XSStrike
  • XSS'OR

SQLi :

  • SQLmap

XXE :

  • OXML-xxe
  • XXEinjextor

SSTI :

  • Tplmap

SSRF :

  • SSRF-Detector
  • Ground Control

LFI :

  • LFISuit

Mobile :

  • MobSF
  • GenyMotion
  • Apktool
  • dex2jar
  • jd-gui
  • idb

Other :

  • Gen-xbin-Avi
  • GitTools
  • DVCS Ripper
  • TKO Subs
  • SubBruteforcer
  • Second-Order
  • Race The Web
  • CORStest
  • RCE Struts-pwn
  • ysoSerial
  • PHPGGC
  • Retire-js
  • Getsploit
  • Findsploit
  • BFAC
  • WP-Scan
  • CMSmap
  • Joomscan
  • JSON W T T
  • Wfuzz
  • Patator
  • Netcat
  • ChangeMe
  • wappalyzer
  • builtwith
  • wafw00f
  • assetnote
  • jsbeautifier
  • LinkFinder

PoCs & Reporting :

  • Bug Bounty Platforms
  • POCs (Proof of Concepts)
  • CheatSheet
  • EyeWitness
  • HttpScreenshot
  • BugBountyTemplates
  • Template Generator

How To Install :

git clone https://github.com/thehackingsage/bughunter.git && cd bughunter && chmod +x bughunter.py && sudo cp bughunter.py /usr/bin/bughunter

that's it.. type bughunter in terminal to execute the tool.

Video Tutorial : https://www.youtube.com/watch?v=opvQIgUD0Jc&t=18s

Download Directory :

Normal User : /home/$USER/bughunter/

Root User : /root/bughunter/

  • ~/bughunter/info/ : Tools for Information Gathering
  • ~/bughunter/mapp/ : Tools for Mapping
  • ~/bughunter/disc/ : Tools for Discovery
  • ~/bughunter/expt/ : Tools for Exploitation
  • ~/bughunter/rept/ : Tools for Reporting
  • ~/bughunter/sage/ : Tools by Mr. SAGE

View Tool's README.md File for Installation Instruction and How To Use Guide.

Source :

TBHM3, GitHub, Bug Bounty Forum, Google and Few Bug Hunting Articles.

License :

MIT Licence

That's it... If You Like This Repo. Please Share This With Your Friends..

& Don't Forget To Follow Me At Twitter, Instagram, Github & SUBSCRIBE My YouTube Channel..!!!

Thankyou. Happy Hunting..