Command Line tools useful during Bug Bounty / Penetration testing. Focused on Web targets.
git clone https://github.com/edoardottt/lit-bb-hack-tools
cd lit-bb-hack-tools
make build
Then use the tools as described in the README in each tools folder.
make clean
(uninstall)make update
(update)
- eae Take as input on stdin a list of urls and print on stdout all the extensions sorted.
- heacoll Take as input on stdin a list of urls and print on stdout all the unique headers found.
- removepro Take as input on stdin a list of urls and print on stdout all the unique urls without protocols.
- subtake Take as input on stdin a list of urls and print on stdout CNAME records found with
dig
. - eap Take as input on stdin a list of urls and print on stdout all the protocols sorted.
- gitdump It prints all the matches in a git repository with a specified pattern.
- removehost Take as input on stdin a list of urls and print on stdout all the unique queries without protocol and host.
- chainredir Take as input a URL and print on stdout all the redirects.
- tahm Take as input on stdin a list of urls and print on stdout all the status codes and body sizes for HTTP methods.
- robotstxt Take as input on stdin a list of urls and print on stdout all the unique paths found in the robots.txt file.
- cleanpath Take as input on stdin a list of urls/paths and print on stdout all the unique paths (at any level).
- eefjsf Take as input on stdin a list of js file urls and print on stdout all the unique endpoints found.
- bbtargets Produce as output on stdout all the bug bounty targets found on Chaos list by Project Discovery.
- nrp Take as input on stdin a list of domains and print on stdout all the unique domains without redirects.
- eah Take as input on stdin a list of urls and print on stdout all the hosts sorted.
- doomxss Take as input on stdin a list of html/js file urls and print on stdout all the possible DOM XSS sinks found.
- eaparam Take as input on stdin a list of urls and print on stdout all the unique parameters.
- bbscope Take as input on stdin a list of urls or subdomains and a BurpSuite Configuration file and print on stdout all in scope items.
- eapath Take as input on stdin a list of urls and print on stdout all the unique urls without queries.
- rpfu Take as input on stdin a list of urls and print on stdout all the unique urls without ports (if 80 or 443).
- rapwp Take as input on stdin a list of urls and a payload and print on stdout all the unique urls with ready to use payloads.
- checkbypass Take as input on stdin a payload and print on stdout all the successful WAF bypasses.
- knoxssme Take as input on stdin a list of urls and print on stdout the results from Knoxss.me API.
- genscope Take as input a file containing a list of (sub)domains (wildcards allowed) and produce a BurpSuite Configuration file.
- kubemetrics Take as input on stdin a list of urls and print on stdout all the unique paths and urls found in the /metrics endpoint.
- earh Take as input on stdin a list of urls and print on stdout all the unique root hosts.
Detailed changes for each release are documented in the release notes.
If you want to contribute to this project, you can start opening an issue.
Before opening a pull request, download golangci-lint and run
golangci-lint run
If there aren't errors, go ahead :)
This repository is under GNU General Public License v3.0.
edoardoottavianelli.it to contact me.