Bug Bounty Toolkit
A multiplatform bug bounty toolkit that can be installed on Debian/Ubuntu or setup with Docker.
Why should you use this toolkit?
- The objective of this toolkit is to provide pentesters, security researchers and bug bounty hunters with a pre-configured environment that has some of the most popular tools and frameworks already installed and configured.
- This toolkit offers a multiplatform base to work with as the script can be installed on Linux, setup with Docker or installed on Windows with WSL (Windows Subsystem For Linux).
- The installer script can be customized to add or remove specific tools based on your requirements.
- Tools are constantly being added, updated and fixed.
- Pull once. Update as needed.
- In addition to the tools that are already installed, you can use the Katoolin script to install additional tools that you may require during your engagements.
Docker Pull Instructions
Docker Hub Link: https://hub.docker.com/r/hackersploit/bugbountytoolkit
docker pull hackersploit/bugbountytoolkit
Docker Run Instructions
Run with Bash
docker run -it hackersploit/bugbountytoolkit /bin/bash
Run with ZSH
docker run -it hackersploit/bugbountytoolkit /usr/bin/zsh
Docker Build Instructions
docker build . -t hackersploit/bugbountytoolkit
Installation Instructions - Ubuntu/Debian
git clone https://github.com/AlexisAhmed/BugBountyToolkit.git
cd BugBountyToolkit
chmod +x install.sh
./install.sh
Installing New Tools
You can install new tools from the Kali Linux repositories by utilizing the Katoolin script.
cd ~/toolkit
cd katoolin
./katoolin.py
Installed Tools
- altdns
- amass
- awscli
- bucket_finder
- CloudFlair
- commix
- dirb
- dirsearch
- dnsenum
- dnsrecon
- dotdotpwn
- droopescan
- fierce
- ffuf
- gobuster
- gitGraber
- httprobe
- joomscan
- Knockpy
- masscan
- massdns
- Nikto
- Nmap
- Recon-ng
- s3recon
- S3Scanner
- sqlmap
- subfinder
- Sublist3r
- subjack
- SubOver
- teh_s3_bucketeers
- thc-hydra
- theHarvester
- tmux
- virtual-host-discovery
- wafw00f
- waybackurls
- wfuzz
- whatweb
- wpscan
- XSStrike
- zsh
Wordlists
- SecLists
Tools being added
- Sn1per Framework