{"id":13842406,"url":"https://github.com/hahwul/backbomb","last_synced_at":"2025-10-01T20:32:29.861Z","repository":{"id":45954850,"uuid":"315044944","full_name":"hahwul/backbomb","owner":"hahwul","description":"💣 Dockerized penetration-testing/bugbounty/app-sec testing environment","archived":true,"fork":false,"pushed_at":"2021-11-24T20:09:50.000Z","size":478,"stargazers_count":32,"open_issues_count":4,"forks_count":8,"subscribers_count":4,"default_branch":"main","last_synced_at":"2024-12-17T14:23:10.689Z","etag":null,"topics":["appsec","bugbounty","docker","docker-image","environment","golang","hacking","pentest","security","tools"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hahwul.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null},"funding":{"custom":["https://paypal.me/hahwul","https://www.buymeacoffee.com/hahwul"]}},"created_at":"2020-11-22T13:32:50.000Z","updated_at":"2024-10-03T05:15:09.000Z","dependencies_parsed_at":"2022-09-07T23:50:37.471Z","dependency_job_id":null,"html_url":"https://github.com/hahwul/backbomb","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hahwul%2Fbackbomb","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hahwul%2Fbackbomb/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hahwul%2Fbackbomb/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hahwul%2Fbackbomb/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hahwul","download_url":"https://codeload.github.com/hahwul/backbomb/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":234897368,"owners_count":18903646,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["appsec","bugbounty","docker","docker-image","environment","golang","hacking","pentest","security","tools"],"created_at":"2024-08-04T17:01:33.919Z","updated_at":"2025-10-01T20:32:24.573Z","avatar_url":"https://github.com/hahwul.png","language":"Go","funding_links":["https://paypal.me/hahwul","https://www.buymeacoffee.com/hahwul"],"categories":["Go"],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e\n  \u003cbr\u003e\n  \u003ca href=\"\"\u003e\u003cimg src=\"https://user-images.githubusercontent.com/13212227/100126258-1329bb80-2ec1-11eb-915b-7a536a2524e0.png\" alt=\"\" width=\"500px;\"\u003e\u003c/a\u003e\n  \u003cbr\u003e\n  \u003cimg src=\"https://img.shields.io/github/v/release/hahwul/backbomb?style=flat-square\"\u003e \n  \u003ca href=\"https://snapcraft.io/backbomb\"\u003e\u003cimg src=\"https://snapcraft.io/backbomb/badge.svg\" /\u003e\u003c/a\u003e\n  \u003cimg src=\"https://img.shields.io/github/languages/top/hahwul/backbomb?style=flat-square\"\u003e \n  \u003cimg src=\"https://api.codacy.com/project/badge/Grade/ea74e272d1d6486da19d469881e5c176\"\u003e \n  \u003ca href=\"https://goreportcard.com/report/github.com/hahwul/backbomb\"\u003e\u003cimg src=\"https://goreportcard.com/badge/github.com/hahwul/backbomb\"\u003e\u003c/a\u003e \n  \u003cimg src=\"https://github.com/hahwul/backbomb/workflows/CodeQL/badge.svg\"\u003e\n  \u003cimg src=\"https://github.com/hahwul/backbomb/workflows/Docker%20Build/badge.svg\"\u003e\n  \u003cimg src=\"https://github.com/hahwul/backbomb/workflows/Go%20Build/badge.svg\"\u003e\n  \u003ca href=\"https://twitter.com/intent/follow?screen_name=hahwul\"\u003e\u003cimg src=\"https://img.shields.io/twitter/follow/hahwul?style=flat\u0026logo=twitter\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/hahwul\"\u003e\u003cimg src=\"https://img.shields.io/github/stars/hahwul?style=flat\u0026logo=github\"\u003e\u003c/a\u003e\n\u003c/h1\u003e\n\n\u003e Cool Guys Don't Look At Explosions 😎💣\n\n- [What is BackBomb?](#what-is-backbomb-)\n- [Getting started](#getting-started)\n  * [Requirements](#requirements)\n  * [Installation](#installation)\n- [Usage](#usage)\n  * [Initialization](#initialization)\n  * [Run](#run)\n  * [Update](#update)\n  * [Uninstall](#uninstall)\n- [Persistant data and result](#persistant-data-and-result)\n- [Contributors](#contributors)\n\n## What is BackBomb?\nDockerized penetration-testing/bugbounty/app-sec testing environment\n\n## Getting started\n### Requirements\nThis tool uses a docker cli. Docker installation is required. \n\nhttps://docs.docker.com/get-docker\n\n### Installation\n```\n$ go get -u github.com/hahwul/backbomb\n```\n\n## Usage \n```\n.----.   .--.   .---. .-. .-..----.  .----. .-.   .-..----. \n| {}  } / {} \\ /  ___}| |/ / | {}  }/  {}  \\|  `.'  || {}  }\n| {}  }/  /\\  \\\\     }| |\\ \\ | {}  }\\      /| |\\ /| || {}  }\n`----' `-'  `-' `---' `-' `-'`----'  `----' `-' ` `-'`----' \n\nDockerized penetration-testing/bugbounty/app-sec testing environment\n\tCool Guys Don't Look At Explosions 😎💣\n\nUsage:\n  backbomb [command]\n\nAvailable Commands:\n  help        Help about any command\n  init        Initialization backbomb docker image\n  run         Start backbomb\n  update      Update hahwul/backbomb image\n  version     Show version\n\nFlags:\n      --config string   config file (default is $HOME/.backbomb.yaml)\n  -h, --help            help for backbomb\n\nUse \"backbomb [command] --help\" for more information about a command.\n```\n\n### Initialization\n```\n$ backbomb init\n```\n\nAfter initialization, the docker image and volume are prepared 😎\n```\n$ docker images\nREPOSITORY                                       TAG                 IMAGE ID            CREATED             SIZE\nhahwul/backbomb                                  latest              749a17299401        23 hours ago        3.97GB\n```\n```\n$ docker volume list | grep backbomb\nlocal               backbomb\n```\n\n### Run\n`run` command allows you to omit and drive additional docker execution options, such as `--mount`.\n```\n$ backbomb run\n```\n\nsample\n```\n$ backbomb run\nINFO[0000] Starting backbomb 💣\nINFO[0000] The docker client object has been created\nINFO[0000] Container creating job successful\nINFO[0000] 02267b3954516c500e0d4e826c5c4af8d911a1d391352cd3f915e98975b20f83\nINFO[0000] Connecting backbomb container\n☁  /project  ll\ntotal 0\n\n... testing all the things 😁 ...\n\n☁  /project  exit\nINFO[0014] Start the shutdown process.\nINFO[0014] Finish\n```\n\n### Update\nYou can use the update command to update the image.\n```\n$ backbomb update\nINFO[0000] Start update image to latest\nINFO[0000] Pulling backbomb latest image\nINFO[0003] Finish!\n```\n\n### Uninstall\nComing soon!\n\n## Persistant data and result\nThe `/app` path is backbomb [PV(Persistent Volume)](https://docs.docker.com/storage/volumes/) which stores data that needs to be maintained continuously, including Postgres. This means sharing data between the host and the docker, and of course it is not stored on a remote server. Since db interlocking services such as metasploit and find domain are established in advance, you can use them comfortably without any additional interlocking process.\n\ne.g\n```\n☁  /project  msfconsole\n...snip..\n+ -- --=[ 2087 exploits - 1127 auxiliary - 354 post       ]\n+ -- --=[ 592 payloads - 45 encoders - 10 nops            ]\n+ -- --=[ 7 evasion                                       ]\n\nMetasploit tip: When in a module, use back to go\nback to the top level prompt\n\nmsf6 \u003e db_status\n[*] Connected to msf. Connection type: postgresql.\nmsf6 \u003e workspace\n* default\n```\n\n## Contributors\n![](/CONTRIBUTORS.svg)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhahwul%2Fbackbomb","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhahwul%2Fbackbomb","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhahwul%2Fbackbomb/lists"}