-
-
Save ResistanceIsUseless/474c31c4d2afe8c397cc69812fc252d1 to your computer and use it in GitHub Desktop.
Bug bounty environment setup with some additional tools
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #note: This is a pretty sloppy script in someplaces so use at your own risk. | |
| ######################################## | |
| # Configuration | |
| ######################################## | |
| InstallPath=/home/static/Tools | |
| ######################################## | |
| mkdir -p $InstallPath/{temp,Scripts/Recon} | |
| echo -e "\e[92m[*] Starting Install... [*]" | |
| echo -e "\e[92m[*] Upgrade installed packages to latest [*]" | |
| echo -e "\e[92m\nRunning a package upgrade...\n" | |
| #sudo apt-get -qq update && apt-get -qq dist-upgrade -y | |
| #sudo apt full-upgrade -y | |
| #Packages from standard repos | |
| echo -e "\e[92m[*] Install Packages From Repo [*]" | |
| echo -e "\e[92m\nInstalling default packages...\n" | |
| sudo apt-get install -y build-essential checkinstall fail2ban gcc golang git sqlite3 ruby-full ruby-dev unzip jruby nodejs clang snapd | |
| sudo apt-get install -y python-dev python-pip python3-pip python-numpy python-scipy python3-dnspython python-setuptools python3-qtpy | |
| sudo apt-get install -y libbz2-dev libc6-dev libgdbm-dev libncursesw5-dev libreadline-gplv2-dev libsqlite3-dev libffi-dev libssl-dev tk-dev libldns-dev xvfb x11-xkb-utils xfonts-100dpi xfonts-75dpi xfonts-scalable xfonts-cyrillic x11-apps libdbus-1-dev libgtk2.0-dev libnotify-dev libgconf2-dev libasound2-dev libcap-dev libcups2-dev libxtst-dev libxss1 libnss3-dev gcc-multilib g++-multilib | |
| sudo apt-get install -y fish zsh xonsh alien terminator nikto nmap wget curl awscli whatweb fonts-powerline pipenv bloodhound firefox-esr eye dnsutils psmisc jq rename xargs snapd | |
| #Ruby RVM | |
| echo -e "\e[92m[*] Install Ruby Version Manager[*]" | |
| #sudo apt-get -qq install gnupg2 -y | |
| curl -sSL https://rvm.io/mpapis.asc | gpg --import - | |
| curl -L https://get.rvm.io | bash -s stable --ruby | |
| echo -e "source /usr/local/rvm/scripts/rvm" >> ~/.bashrc | |
| #npm packages | |
| echo -e "\e[92m[*] NPM Packages" | |
| echo -e "\e[92m[*] Installing Node Red" | |
| npm install -g --unsafe-perm node-red | |
| npm install wkhtmltoimage | |
| npm install -g pown@latest | |
| #npm install phantomjs -g | |
| #npm install casperjs -g | |
| #gem and pip packages | |
| echo -e "\e[92m[*] GEM Packages" | |
| echo -e "\e[92m[*] install wpscan [*]" | |
| sudo gem install wpscan | |
| echo -e "\e[92m[*] install evil-winrm [*]" | |
| sudo gem install evil-winrm | |
| echo -e "\e[92m[*] PIP Packages" | |
| echo -e "\e[92m[*] install snallygaster[*]" | |
| pip3 install snallygaster | |
| echo -e "\e[92m[*] install dnsgen[*]" | |
| pip3 install dnsgen | |
| echo -e "\e[92m[*] install angularjs-csti-scanner (acstis)[*]" | |
| pip3 install https://github.com/tijme/angularjs-csti-scanner/archive/master.zip | |
| echo -e "\e[92m[*] install truffleHog[*]" | |
| pip3 install truffleHog | |
| echo -e "\e[92m[*] install ivre[*]" | |
| pip3 install ivre | |
| echo -e "\e[92m[*] install RDPY[*]" | |
| pip3 install rdpy | |
| echo -e "\e[92m[*] install ldapdomaindump[*]" | |
| sudo pip3 install ldap3 dnspython ldapdomaindump impacket | |
| #sudo pip3 install crackmapexec | |
| echo -e "\e[92m[*] install python-bloodhound[*]" | |
| pip install bloohound | |
| echo -e "\e[92m[*] install pwntools[*]" | |
| pip3 install --upgrade pwntools | |
| #Snap packages | |
| echo -e "\e[92m[*] Snap Packages" | |
| echo -e "\e[92m[*] install amass[*]" | |
| sudo snap install amass | |
| #echo -e "\e[92m[*] Making Bounty Scan Area.. [*]" | |
| #mkdir -p $InstallPath/mass-bounty/ | |
| #mkdir -p $InstallPath/mass-bounty/angular-results/ | |
| #mkdir -p $InstallPath/mass-bounty/crlf-results/ | |
| #mkdir -p $InstallPath/mass-bounty/dirsearch-results/ | |
| #mkdir -p $InstallPath/mass-bounty/jexboss-results/ | |
| #mkdir -p $InstallPath/mass-bounty/tko-results/ | |
| #mkdir -p $InstallPath/mass-bounty/s3-results/ | |
| #Bug Bounty tools | |
| #HTTP Parameter Discovery Suite | |
| cd $InstallPath | |
| git clone https://github.com/s0md3v/Arjun | |
| cd $InstallPath/Arjun | |
| #web parameter brute force | |
| echo -e "\e[92m[*] Install parameth[*]" | |
| cd $InstallPath | |
| git clone https://github.com/maK-/parameth.git | |
| cd $InstallPath/parameth | |
| #All-in-One OS command injection and exploitation tool | |
| echo -e "\e[92m[*] Install commix[*]" | |
| cd $InstallPath | |
| git clone https://github.com/commixproject/commix.git | |
| cd $InstallPath/commix | |
| #DNS enumeration across all target DNS servers | |
| echo -e "\e[92m[*] Install bass[*]" | |
| cd $InstallPath | |
| git clone https://github.com/Abss0x7tbh/bass.git | |
| cd $InstallPath/bass | |
| python3 -m pip install -r requirements.txt | |
| #Create multiple intances of a single program | |
| echo -e "\e[92m[*] Install Interlace[*]" | |
| cd $InstallPath | |
| git clone https://github.com/codingo/Interlace | |
| cd $InstallPath/Interlace | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Install JSParser[*]" | |
| git clone https://github.com/nahamsec/JSParser.git | |
| cd $InstallPath/JSParser | |
| sudo python setup.py install | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Install degoogle[*]" | |
| git clone https://github.com/deepseagirl/degoogle.git | |
| cd $InstallPath/degoogle | |
| sudo python setup.py install | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Install BFAC (Backup File Artifacts Checker)[*]" | |
| git clone https://github.com/mazen160/bfac.git | |
| cd $InstallPath/bfac* | |
| sudo pip3 install -r requirements.txt | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Install Sublist3r[*]" | |
| git clone https://github.com/Plazmaz/Sublist3r.git | |
| cd $InstallPath/Sublist3r | |
| sudo pip3 install -r requirements.txt | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Install SSRFmap[*]" | |
| git clone https://github.com/swisskyrepo/SSRFmap.git | |
| cd $InstallPath/SSRFmap | |
| sudo pip3 install -r requirements.txt | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing teh_s3_bucketeers.. [*]" | |
| git clone https://github.com/tomdev/teh_s3_bucketeers.git | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing S3Scanner.. [*]" | |
| git clone https://github.com/sa7mon/S3Scanner.git | |
| cd $InstallPath/S3Scanner | |
| sudo pip3 install -r requirements.txt | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Install crlf injection[*]" | |
| git clone https://github.com/random-robbie/CRLF-Injection-Scanner.git | |
| cd $InstallPath/CRLF-Injection-Scanner | |
| sudo pip3 install -r requirments.txt | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing CORS Scan[*]" | |
| git clone https://github.com/chenjj/CORScanner.git | |
| cd $InstallPath/CORScanner | |
| sudo pip3 install -r requirements.txt | |
| cd $InstallPath | |
| echo -e "\e[92m[*] See SURF[*]" | |
| git clone https://github.com/In3tinct/See-SURF.git | |
| cd $InstallPath | |
| echo -e "\e[92m[*] See Knockpy[*]" | |
| git clone https://github.com/guelfoweb/knock.git | |
| cd $InstallPath/knock | |
| sudo python setup.py install | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing dirsearch [*]" | |
| git clone https://github.com/maurosoria/dirsearch.git | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing serializekiller [*]" | |
| git clone https://github.com/johndekroon/serializekiller.git | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing asnlookup [*]" | |
| git clone https://github.com/yassineaboukir/asnlookup.git | |
| cd $InstallPath/asnlookup | |
| sudo pip3 install -r requirements.txt | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing VHostScan [*]" | |
| git clone https://github.com/codingo/VHostScan.git | |
| cd $InstallPath/VHostScan | |
| sudo python3 setup.py install | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing virtual-host-discovery [*]" | |
| git clone https://github.com/jobertabma/virtual-host-discovery.git | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing findomain [*]" | |
| git clone https://github.com/Edu4rdSHL/findomain.git | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing Smuggler [*]" | |
| mkdir Smuggler | |
| cd Smuggler | |
| wget https://raw.githubusercontent.com/gwen001/pentest-tools/master/smuggler.py | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing LinkFinder [*]" | |
| git clone https://github.com/GerbenJavado/LinkFinder.git | |
| cd LinkFinder | |
| pip3 install -r requirements.txt | |
| python setup.py install | |
| #cd $InstallPath | |
| #echo -e "\e[92m[*] Installing CloudStorageFinder [*]" | |
| #git clone https://github.com/digininja/CloudStorageFinder.git | |
| #cd $InstallPath | |
| #echo -e "\e[92m[*] Installing Eyeballer Screenshot ML Review [*]" | |
| #git clone https://github.com/BishopFox/eyeballer.git | |
| #cd $InstallPath/eyeballer | |
| #pip install -r requirements.txt | |
| #sudo pip3 install -r requirements-gpu.txt | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing archaeologit [*]" | |
| git clone https://github.com/peterjaric/archaeologit.git | |
| cd $InstallPath | |
| echo -e "\e[92m[*]Installing secretfinder [*]" | |
| git clone https://github.com/m4ll0k/SecretFinder.git | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing Mass DNS [*]" | |
| git clone https://github.com/blechschmidt/massdns.git | |
| cd massdns | |
| sudo make | |
| sudo make install | |
| cd .. | |
| #cd $InstallPath | |
| #echo -e "\e[92m[*] Installing Sub Brute [*]" | |
| #git clone https://github.com/TheRook/subbrute.git | |
| #cd.. | |
| #cd $InstallPath | |
| #echo -e "\e[92m[*] Installing ActiveDirectory LdapDomainDump [*]" | |
| #git clone https://github.com/dirkjanm/ldapdomaindump.git | |
| #cd $InstallPath/ldapdomaindump | |
| #python setup.py install | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing Expired Domain Take Overs [*]" | |
| git clone https://github.com/JordyZomer/autoSubTakeover.git | |
| cd $InstallPath/autoSubTakeover | |
| sudo pip3 install -r requirements.txt | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing Striker [*]" | |
| git clone https://github.com/UltimateHackers/Striker.git | |
| cd $InstallPath/Striker | |
| sudo pip3 install -r requirements.txt | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing Spiderfoot [*]" | |
| git clone https://github.com/smicallef/spiderfoot.git | |
| cd $InstallPath/spiderfoot | |
| sudo pip3 install -r requirements.txt | |
| #Network Pentesting Tools | |
| cd $InstallPath | |
| echo -e "\e[92m[*] Installing NullLinux [*]" | |
| git clone https://github.com/m8r0wn/nullinux | |
| cd nullinux | |
| sudo bash setup.sh | |
| echo -e "\e[92m[*] Install pwndrop [y]es, [n]o:[*]" | |
| read answer | |
| if [ $answer == y ]; then | |
| echo -e "\e[92m[*] Installing pwndrop[*]" | |
| cd $InstallPath/temp | |
| curl https://raw.githubusercontent.com/kgretzky/pwndrop/master/install_linux.sh | sudo bash | |
| else | |
| echo -e "\e[92m[*] Skipping pwndrop[*]" | |
| fi | |
| #Still tricky to get the shell env right during install every time | |
| #echo -e "\e[92m[*] Install CrackMapExec? [y]es, [n]o:[*]" | |
| #read cme | |
| #if [ $cme == y ]; then | |
| # cd $InstallPath | |
| # echo "\e[92m[*] Installing CrackMapExec [*]" | |
| # sudo apt-get install -y libssl-dev libffi-dev python-dev build-essential | |
| # sudo pip3 install --user pipenv | |
| # PATH=$PATH:/$USER/.local/bin | |
| # cd $InstallPath | |
| # git clone --recursive https://github.com/byt3bl33d3r/CrackMapExec | |
| # cd CrackMapExec && pipenv install | |
| # pipenv shell | |
| # python setup.py install | |
| # exit | |
| #else | |
| # echo -e "\e[92m[*] Skipping CrackMapExec[*]" | |
| #fi | |
| echo -e "\e[92m[*] Install gef [y]es, [n]o:[*]" | |
| read answer | |
| if [ $answer == y ]; then | |
| echo -e "\e[92m[*] Installing gef[*]" | |
| cd $InstallPath/temp | |
| wget -q -O- https://github.com/hugsy/gef/raw/master/scripts/gef.sh | sh | |
| else | |
| echo -e "\e[92m[*] Skipping gef[*]" | |
| fi | |
| echo -e "\e[92m[*] Install Wordlists & Payloads? [y]es, [n]o:[*]" | |
| read answer | |
| if [ $answer == y ]; then | |
| echo -e "\e[92m[*] Installing Wordlists & Payloads in /usr/share/wordlists/[*]" | |
| cd /usr/share/wordlists/ | |
| sh -c "$(curl -fsSL https://raw.githubusercontent.com/foospidy/payloads/master/get.sh)" | |
| else | |
| echo -e "\e[92m[*] Skipping Wordlists & Payloads[*]" | |
| fi | |
| #wget https://gist.github.com/jhaddix/86a06c5dc309d08580a018c66354a056/raw/all.txt | |
| wget https://raw.githubusercontent.com/ResistanceIsUseless/recon/master/apiwords.txt | |
| wget https://raw.githubusercontent.com/ResistanceIsUseless/recon/master/dirhidden.txt | |
| wget https://raw.githubusercontent.com/ResistanceIsUseless/recon/master/patterns.txt | |
| echo -e "\e[92m[*] Installing Recon Automation" | |
| echo -e "\e[92m[*] Install Recon-Pipeline? [y]es, [n]o:[*]" | |
| read answer | |
| if [ $answer == y ]; then | |
| echo -e "\e[92m[*] Installing Recon-Pipeline[*]" | |
| cd $InstallPath/Scripts/Recon | |
| git clone https://github.com/epi052/recon-pipeline | |
| cd $InstallPath/Scripts/Recon/recon-pipeline | |
| pipenv install cmd2 | |
| exit | |
| else | |
| echo -e "\e[92m[*] Skipping Recon-Pipeline[*]" | |
| fi | |
| echo -e "\e[92m[*] Install AutoRecon? [y]es, [n]o:[*]" | |
| read answer | |
| if [ $answer == y ]; then | |
| echo -e "\e[92m[*] Installing AutoRecon[*]" | |
| cd $InstallPath/Scripts/Recon | |
| git clone https://github.com/Tib3rius/AutoRecon.git | |
| cd $InstallPath/Scripts/Recon/AutoRecon | |
| sudo pip3 install -r requirements.txt | |
| else | |
| echo -e "\e[92m[*] Skipping AutoRecon[*]" | |
| fi | |
| echo -e "\e[92m[*] Install Silver [y]es, [n]o:[*]" | |
| read answer | |
| if [ $answer == y ]; then | |
| echo -e "\e[92m[*] Installing Silver[*]" | |
| cd $InstallPath/Scripts/Recon | |
| git clone https://github.com/s0md3v/Silver.git | |
| cd $InstallPath/Scripts/Recon/Silver | |
| sudo pip3 install -r requirements.txt | |
| else | |
| echo -e "\e[92m[*] Skipping Silver[*]" | |
| fi | |
| #https://cobbr.io/Covenant.html | |
| echo -e "\e[92m[*] Install Covenant [y]es, [n]o:[*]" | |
| read answer | |
| if [ $answer == y ]; then | |
| echo -e "\e[92m[*] Installing Covenant[*]" | |
| cd $InstallPath/ | |
| git clone –recurse-submodules https://github.com/cobbr/Covenant | |
| wget -q https://packages.microsoft.com/config/ubuntu/19.04/packages-microsoft-prod.deb -O $InstallPath/Covenant/packages-microsoft-prod.deb | |
| cd $InstallPath/Covenant/ | |
| sudo dpkg -i packages-microsoft-prod.deb | |
| sudo apt-get install apt-transport-https | |
| sudo apt-get install dotnet-sdk-2.2 | |
| cd $InstallPath/Covenant/Covenant | |
| dotnet build | |
| else | |
| echo -e "\e[92m[*] Skipping Covenant[*]" | |
| fi | |
| #Remaining User Setup Script | |
| cd /$InstallPath/temp | |
| wget -q https://gist.githubusercontent.com/ResistanceIsUseless/2a0622f45f8c9badc5275400c4d9c4fd/raw/b44727133b8cf2e04e3af6be8f2ebca126be91d3/user_setup.sh | su -u $SUDO_USER -c sh | |
| echo -e "\e[1;5;92m[*]Finished Installing....[*]" | |
| exit 1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment