Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/thehackingsage/bughunter

Tools for BugHunting
https://github.com/thehackingsage/bughunter

bugbounty bughunting discovery exploitation information-gathering mapping penetration-testing poc reporting tools

Last synced: 4 months ago
JSON representation

Tools for BugHunting

Awesome Lists containing this project

README 

          



## Bug Hunter Menu :



- Information Gathering

- Mapping

- Discovery 

- Exploitation

- PoCs & Reporting



### Information Gathering :



- Basic Commands for Information Gathering

- Masscan - TCP Port Scanner

- DNS Recon - DNS Enumeration

- Sublist3r - Find Subdomains

- Alt-DNS - Subdomain Discovery

- Amass - In-Depth DNS Enumeration

- Subfinder - Subdomain Discovery Tool

- Enumall - Setup Script for Regon-NG

- Aquatone - Reconnaissance on Domain Names

- Cloudflare_Enum - Cloudflare DNS Enumeration

- InfoG - Information Gathering Tool

- The Harvester - E-mail, SubDomain, Ports etc.

- Recon-NG - Web Reconnaissance Framework

- SetoolKit - Social Engineering Toolkit

- WhatWeb - Next Generation Web Scanner

- Maltego - Interactive Data Mining Tool    

    

### Mapping :     

    

- Nmap - IP's, Open Ports and Much More

- Firefox - Web Browser

- Firefox Browser Extensions

- Burp Suite Pro

- Burp Suite Extensions

- Intruder Payloads for Burp Suite

- Payloads All The Thing

    

### Discovery :

    

- Acunetix-WVS

- Arachni

- Burp Suite

- Nexpose

- Nikto

- Vega

- Wapiti

- Web Security Scanner

- Websecurify Suite

- Joomscan

- w3af

- Zed Attack Proxy

- WP-Scan

- FuzzDB

- CeWL



### Exploitation :



XSS :

- XSS Radar

- XSSHunter

- xssHunter Client

- DOMxssScanner

- XSSer

- BruteXSS

- XSStrike

- XSS'OR

            

SQLi :  

- SQLmap



XXE : 

- OXML-xxe

- XXEinjextor



SSTI :

- Tplmap



SSRF :

- SSRF-Detector

- Ground Control



LFI :

- LFISuit



Mobile :

- MobSF

- GenyMotion

- Apktool

- dex2jar

- jd-gui

- idb



Other : 

- Gen-xbin-Avi

- GitTools

- DVCS Ripper

- TKO Subs

- SubBruteforcer

- Second-Order

- Race The Web

- CORStest

- RCE Struts-pwn

- ysoSerial

- PHPGGC

- Retire-js

- Getsploit

- Findsploit

- BFAC

- WP-Scan

- CMSmap

- Joomscan

- JSON W T T

- Wfuzz

- Patator

- Netcat

- ChangeMe

- wappalyzer

- builtwith

- wafw00f

- assetnote

- jsbeautifier

- LinkFinder



### PoCs & Reporting :



- Bug Bounty Platforms

- POCs (Proof of Concepts)

- CheatSheet

- EyeWitness

- HttpScreenshot

- BugBountyTemplates

- Template Generator



## How To Install :



```git clone https://github.com/thehackingsage/bughunter.git && cd bughunter && chmod +x bughunter.py && sudo cp bughunter.py /usr/bin/bughunter```



that's it.. type ***bughunter*** in terminal to execute the tool.



Video Tutorial : https://www.youtube.com/watch?v=opvQIgUD0Jc&t=18s



## Download Directory :

   

Normal User : /home/$USER/bughunter/



Root User : /root/bughunter/



- ~/bughunter/info/ : Tools for Information Gathering

- ~/bughunter/mapp/ : Tools for Mapping

- ~/bughunter/disc/ : Tools for Discovery

- ~/bughunter/expt/ : Tools for Exploitation

- ~/bughunter/rept/ : Tools for Reporting

- ~/bughunter/sage/ : Tools by Mr. SAGE



View Tool's README.md File for Installation Instruction and How To Use Guide.



## Source : 



TBHM3, GitHub, Bug Bounty Forum, Google and Few Bug Hunting Articles.



## License :



[MIT Licence](https://github.com/thehackingsage/BugHunter/blob/master/LICENSE)



That's it... If You Like This Repo. Please Share This With Your Friends..



& Don't Forget To Follow Me At [Twitter](https://www.twitter.com/thehackingsage), [Instagram](https://www.instagram.com/thehackingsage), [Github](https://www.github.com/thehackingsage) 

& SUBSCRIBE My [YouTube](https://www.youtube.com/channel/UCYK1n9A4TUq1CvGc6F3DzoA) Channel..!!!



***Thankyou.***

***Happy Hunting..***