A multiplatform bug bounty toolkit that can be installed on Debian/Ubuntu or setup with Docker.
Why should you use this toolkit?
- The objective of this toolkit is to provide pentesters, security researchers and bug bounty hunters with a pre-configured environment that has some of the most popular tools and frameworks already installed and configured.
- This toolkit offers a multiplatform base to work with as the script can be installed on Linux, setup with Docker or installed on Windows with WSL (Windows Subsystem For Linux).
- The installer script can be customized to add or remove specific tools based on your requirements.
- Tools are constantly being added, updated and fixed.
- Pull once. Update as needed.
- In addition to the tools that are already installed, you can use the Katoolin script to install additional tools that you may require during your engagements.
Docker Hub Link: https://hub.docker.com/r/hackersploit/bugbountytoolkit
docker pull hackersploit/bugbountytoolkit
docker run -it hackersploit/bugbountytoolkit /bin/bash
docker run -it hackersploit/bugbountytoolkit /usr/bin/zsh
Docker Build Instructions
docker build . -t hackersploit/bugbountytoolkit
Installation Instructions - Ubuntu/Debian
git clone https://github.com/AlexisAhmed/BugBountyToolkit.git
cd BugBountyToolkit
chmod +x install.sh
./install.sh
You can install new tools from the Kali Linux repositories by utilizing the Katoolin script.
cd ~/toolkit
cd katoolin
./katoolin.py
- [x] altdns
- [x] amass
- [x] awscli
- [x] bucket_finder
- [x] CloudFlair
- [x] commix
- [x] dirb
- [x] dirsearch
- [x] dnsenum
- [x] dnsrecon
- [x] dotdotpwn
- [x] droopescan
- [x] fierce
- [x] ffuf
- [x] gobuster
- [x] gitGraber
- [x] httprobe
- [x] joomscan
- [x] Knockpy
- [x] masscan
- [x] massdns
- [x] Nikto
- [x] Nmap
- [x] Recon-ng
- [x] s3recon
- [x] S3Scanner
- [x] sqlmap
- [x] subfinder
- [x] Sublist3r
- [x] subjack
- [x] SubOver
- [x] teh_s3_bucketeers
- [x] thc-hydra
- [x] theHarvester
- [x] tmux
- [x] virtual-host-discovery
- [x] wafw00f
- [x] waybackurls
- [x] wfuzz
- [x] whatweb
- [x] wpscan
- [x] XSStrike
- [x] zsh