VPS-Bug-Bounty-Tools

Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.

Usage:

cd /tmp && git clone https://github.com/drak3hft7/VPS-Bug-Bounty-Tools
cd VPS-Bug-Bounty-Tools
sudo ./Tools-BugBounty-installer.sh

Example during installation:

List of tools inserted:

Network scanner:

• Nmap
• Masscan
• Naabu

Subdomain Enumeration and DNS Resolver:

• Massdns
• Subfinder
• Knock
• Lazyrecon
• Github-subdomains
• Sublist3r
• Crtndstry
• Assetfinder
• Dnsx
• Dnsgen

Subdomain Takeovers:

• SubOver

Web Fuzzer:

• Dirsearch
• Ffuf

Wordlists:

• SecLists

Scanner CMS:

• Wpscan
• Droopescan

Vuln SQL:

• SQLmap
• NoSQLmap
• Jeeves

Enumeration Javascript:

• LinkFinder
• SecretFinder
• JSParser

Visual Recon:

• Aquatone

Crawling Web:

• GoSpider
• Hakrawler
• Katana

Vuln XSS:

• XSStrike
• XSS-Loader
• Freq
• Gxss
• Dalfox

Vuln SSRF:

• SSRFmap
• Gopherus

Vulnerability Scanner:

• Nuclei

Virtual Host Discovery:

• Virtual host scanner

Useful Tools:

• Anew
• Unew
• Gf
• Httprobe
• Httpx
• Waybackurls
• Arjun
• Gau
• GauPlus
• Uro
• Qsreplace
• SocialHunter

Update - Time Line:

• 28 September 2021: Inserted into the script the XSS-Loader tool.
• 10 November 2021: Inserted into the script the waybackurls tool.
• 22 November 2021: Inserted into the script the gau tool.
• 03 February 2022: Inserted into the script the unew,gf and SubOver tools.
• 19 March 2022: Inserted into the script the freq,qsreplace and uro tools.
• 10 April 2022: Inserted into the script the hakrawler and Jeeves.
• 20 April 2022: Inserted into the script the naabu tool.
• 15 November 2022: Inserted into the script the katana tool.
• 26 November 2022: Inserted into the script the Gxss and Dalfox tools
• 19 January 2023: Inserted into the script the socialhunter tool.
• 29 March 2024: Inserted into the script the gauplus tool.