Το Bughunter είναι ένα σύστημα penetration testing, που περιλαμβάνει όλες τις δοκιμές που χρειάζεται ένας προγραμματιστής – ερευνητής ασφαλείας.
Bug Hunter Menu :
- Information Gathering
- Mapping
- Discovery
- Exploitation
- PoCs & Reporting
Information Gathering :
- Basic Commands for Information Gathering
- Masscan – TCP Port Scanner
- DNS Recon – DNS Enumeration
- Sublist3r – Find Subdomains
- Alt-DNS – Subdomain Discovery
- Amass – In-Depth DNS Enumeration
- Subfinder – Subdomain Discovery Tool
- Enumall – Setup Script for Regon-NG
- Aquatone – Reconnaissance on Domain Names
- Cloudflare_Enum – Cloudflare DNS Enumeration
- InfoG – Information Gathering Tool
- The Harvester – E-mail, SubDomain, Ports etc.
- Recon-NG – Web Reconnaissance Framework
- SetoolKit – Social Engineering Toolkit
- WhatWeb – Next Generation Web Scanner
- Maltego – Interactive Data Mining Tool
Mapping :
- Nmap – IP's, Open Ports and Much More
- Firefox – Web Browser
- Firefox Browser Extensions
- Burp Suite Pro
- Burp Suite Extensions
- Intruder Payloads for Burp Suite
- Payloads All The Thing
Discovery :
- Acunetix-WVS
- Arachni
- Burp Suite
- Nexpose
- Nikto
- Vega
- Wapiti
- Web Security Scanner
- Websecurify Suite
- Joomscan
- w3af
- Zed Attack Proxy
- WP-Scan
- FuzzDB
- CeWL
Exploitation :
XSS :
- XSS Radar
- XSSHunter
- xssHunter Client
- DOMxssScanner
- XSSer
- BruteXSS
- XSStrike
- XSS'OR
SQLi :
- SQLmap
XXE :
- OXML-xxe
- XXEinjextor
SSTI :
- Tplmap
SSRF :
- SSRF-Detector
- Ground Control
LFI :
- LFISuit
Mobile :
- MobSF
- GenyMotion
- Apktool
- dex2jar
- jd-gui
- idb
Other :
- Gen-xbin-Avi
- GitTools
- DVCS Ripper
- TKO Subs
- SubBruteforcer
- Second-Order
- Race The Web
- CORStest
- RCE Struts-pwn
- ysoSerial
- PHPGGC
- Retire-js
- Getsploit
- Findsploit
- BFAC
- WP-Scan
- CMSmap
- Joomscan
- JSON W T T
- Wfuzz
- Patator
- Netcat
- ChangeMe
- wappalyzer
- builtwith
- wafw00f
- assetnote
- jsbeautifier
- LinkFinder
PoCs & Reporting :
- Bug Bounty Platforms
- POCs (Proof of Concepts)
- CheatSheet
- EyeWitness
- HttpScreenshot
- BugBountyTemplates
- Template Generator
Εγκατάσταση
git clone https://github.com/thehackingsage/bughunter.git && cd bughunter && chmod +x bughunter.py && sudo cp bughunter.py /usr/bin/bughunter
Έπειτα δίνουμε την εντολή bughunter οπουδήποτε στο τερματικό μας.
Κατάλογος εφαρμογής
Απλός Χρήστης : /home/$USER/bughunter/
Root Χρήστης: /root/bughunter/
- ~/bughunter/info/ : Tools for Information Gathering
- ~/bughunter/mapp/ : Tools for Mapping
- ~/bughunter/disc/ : Tools for Discovery
- ~/bughunter/expt/ : Tools for Exploitation
- ~/bughunter/rept/ : Tools for Reporting
- ~/bughunter/sage/ : Tools by Mr. SAGE
Μπορείτε να κατεβάσετε το πρόγραμμα από εδώ.