{"id":22311780,"url":"https://github.com/freyxfi/bugrecon","last_synced_at":"2025-09-11T12:31:45.121Z","repository":{"id":265019279,"uuid":"866912189","full_name":"freyxfi/BugRecon","owner":"freyxfi","description":"An automated bug hunting tool for comprehensive reconnaissance, including subdomain enumeration, port scanning, vulnerability detection, and report generation.","archived":false,"fork":false,"pushed_at":"2025-06-24T14:21:14.000Z","size":40,"stargazers_count":11,"open_issues_count":11,"forks_count":11,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-09-05T22:46:45.198Z","etag":null,"topics":["bugbounty","bugbounty-tool","bugbountytips","bughunting","hacktoberfest","hacktoberfest-accepted","hacktoberfest2024","recon","reconnaissance"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/freyxfi.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-10-03T05:32:48.000Z","updated_at":"2025-07-09T08:26:40.000Z","dependencies_parsed_at":"2024-11-27T10:17:59.871Z","dependency_job_id":null,"html_url":"https://github.com/freyxfi/BugRecon","commit_stats":null,"previous_names":["freyxfi/bugrecon"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/freyxfi/BugRecon","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/freyxfi%2FBugRecon","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/freyxfi%2FBugRecon/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/freyxfi%2FBugRecon/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/freyxfi%2FBugRecon/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/freyxfi","download_url":"https://codeload.github.com/freyxfi/BugRecon/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/freyxfi%2FBugRecon/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274633289,"owners_count":25321377,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-11T02:00:13.660Z","response_time":74,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bugbounty","bugbounty-tool","bugbountytips","bughunting","hacktoberfest","hacktoberfest-accepted","hacktoberfest2024","recon","reconnaissance"],"created_at":"2024-12-03T21:28:22.854Z","updated_at":"2025-09-11T12:31:44.835Z","avatar_url":"https://github.com/freyxfi.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Overview\n\nBugRecon is an automated bug hunting tool designed to streamline the reconnaissance phase of bug bounty hunting and penetration testing. It performs essential tasks such as subdomain enumeration, port scanning, directory brute-forcing, vulnerability scanning, and screenshot capturing. By automating these tasks, BugRecon allows security researchers to focus on deeper analysis and exploitation, enhancing efficiency and effectiveness in identifying vulnerabilities.\n\n# Features\n\n1. Target Input: Prompts the user to enter the target domain.\n2. Reconnaissance Depth: Allows selection of recon depth (shallow, medium, deep) to customize the extent of scanning.\n3. Subdomain Enumeration: Retrieves subdomains using crt.sh.\n4. Port Scanning: Identifies open ports using nmap.\n5. Directory Brute-Forcing: Discovers hidden directories using ffuf.\n6. Vulnerability Scanning: Checks for common vulnerabilities like SQL Injection (SQLi) and Cross-Site Scripting (XSS).\n7. Screenshot Capturing: Takes screenshots of discovered web applications using EyeWitness.\n8. Report Generation: Compiles findings into a comprehensive report.\n9. Modular Design: Although provided as a single script, the tool is structured for easy expansion and integration of additional features.\n\n    \n# Prerequisites\nBefore using BugRecon, ensure that the following tools and dependencies are installed on your system:\n\n## External Tools\n1. Python 3.6+\n   \n    [Download Python](https://www.python.org/downloads/)\n2. Nmap Install\n\n   `go install github.com/ffuf/ffuf@latest`\n3. ffuf (Fuzz Faster U Fool)\n\n   `go install github.com/ffuf/ffuf@latest`\n\n4. EyeWitness\n\n    ```\n      git clone https://github.com/FortyNorthSecurity/EyeWitness.git\n      cd EyeWitness/Python/setup\n      python setup.py install\n    ```\n\n# Python Packages\n\nInstall the required Python packages using pip\n\n`pip install -r requirements.txt\n`\n\n# Installation\n\n1. Clone the Repository\n2. Install Python Dependencies\n3. Ensure External Tools are Installed\n   Make sure that nmap, ffuf, and EyeWitness are installed and added to your system's PATH.\n\n# Usage (update it)\nRun the bug_recon.py script using Python\n\n# Step-by-Step Guide (comming soon)\n\n# Recon Depth Levels (comming soon)\n\n# Example (comming soon)\n\n# Generated Report (example.com_report.txt)\n\n(comming soon) \nsomething like this \n\n```\nBug Recon Report for example.com\nSubdomains Found:\n- subdomain1.example.com\n- subdomain2.example.com\n- subdomain3.example.com\n- subdomain4.example.com\n- subdomain5.example.com\n\nOpen Ports:\n- 80\n- 443\n- 8080\n\nVulnerabilities:\n- subdomain1.example.com:80\n  - Possible SQL Injection\n  - Possible XSS\n- subdomain3.example.com:443\n  - Possible XSS\n```\n\n\n# Contributing (comming soon)\n\nContributions are welcome! If you'd like to enhance BugRecon, follow these steps:\n\n# License \n\n\nNote :- feel free to update and contribute \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffreyxfi%2Fbugrecon","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffreyxfi%2Fbugrecon","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffreyxfi%2Fbugrecon/lists"}