Skip to content

Instantly share code, notes, and snippets.

@refabr1k

refabr1k/setup bugbounty tools.md

Last active July 23, 2023 07:56
Show Gist options
  • Save refabr1k/98b7f56d2eca52caf808bcde3a8d5a42 to your computer and use it in GitHub Desktop.
Save refabr1k/98b7f56d2eca52caf808bcde3a8d5a42 to your computer and use it in GitHub Desktop.
Download ZIP
setup bugbounty tools
Raw
setup bugbounty tools.md 
#!/bin/bash

#mkdir tools dir
mkdir ~/Tools
mkdir ~/Wordlists


#sublime
#wget -qO - https://download.sublimetext.com/sublimehq-pub.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/sublimehq-archive.gpg > /dev/null

#echo "deb https://download.sublimetext.com/apt/stable/" | sudo tee /etc/apt/sources.list.d/sublime-text.list


#sudo apt-get update
#sudo apt-get install terminator
#sudo apt-get install sublime-text -y
#sudo apt install golang -y

echo 'export PATH=/home/kali/go/bin:$PATH' >> ~/.zshrc
echo 'function vmshare() { cd /media/sf_VM_SHARE_DRIVE }' >> ~/.zshrc
echo 'function bblogs() { cd /media/sf_bblogs }' >> ~/.zshrc

#Wordlists
git clone https://github.com/danielmiessler/SecLists.git ~/Wordlists

#waybackurl
go install github.com/tomnomnom/waybackurls@latest

#httprobe
wget https://github.com/tomnomnom/httprobe/releases/download/v0.2/httprobe-linux-amd64-0.2.tgz -O ~/Tools/httprobe.tgz
tar xvf ~/Tools/httprobe.tgz && mv httprobe ~/go/bin

#asset finder
wget https://github.com/tomnomnom/assetfinder/releases/download/v0.1.1/assetfinder-linux-amd64-0.1.1.tgz -O ~/Tools/assetfinder.tgz
tar xvf ~/Tools/assetfinder.tgz && mv assetfinder ~/go/bin


#fff
go get -u github.com/tomnomnom/fff

#anew
go install -v github.com/tomnomnom/anew@latest

#comb
go get -u github.com/tomnomnom/comb

#katana
go install github.com/projectdiscovery/katana/cmd/katana@latest

#httpx
go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest

#naabu
sudo apt install -y libpcap-dev
go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest

#getJS
go install github.com/003random/getJS@latest

#hakrawler
go install github.com/hakluke/hakrawler@latest

#interact-sh
go install -v github.com/projectdiscovery/interactsh/cmd/interactsh-client@latest

#arjun
pip3 install arjun

#gf
go get -u github.com/tomnomnom/gf

#inscope
go get -u github.com/tomnomnom/hacks/inscope

#unfurl
go install github.com/tomnomnom/unfurl@latest

#meg
go install github.com/tomnomnom/meg@latest

#----APISEC-------

#The JSON Web Token Toolkit v2
#cd /opt
#sudo git clone https://github.com/ticarpi/jwt_tool
#cd jwt_tool
#python3 -m pip install termcolor cprint pycryptodomex requests
#(Optional) Make an alias for jwt_tool.py
#sudo chmod +x jwt_tool.py
#sudo ln -s /opt/jwt_tool/jwt_tool.py /usr/bin/jwt_tool

 
#Install Kiterunner
#sudo git clone  https://github.com/assetnote/kiterunner.git
#cd kiterunner
#sudo make build
#sudo ln -s /opt/kiterunner/dist/kr /usr/bin/kr


#Install OWASP ZAP
#sudo apt install zaproxy
#Once ZAP is installed, make sure to navigate to the Manage Add-Ons (CTRL+U). Make sure to apply updates for the Fuzzer and OpenAPI Support.

 
#--------------Useful Wordlistss------------------
#SecLists (https://github.com/danielmiessler/SecLists)
#wget -c https://github.com/danielmiessler/SecLists/archive/master.zip -O SecList.zip && unzip SecList.zip && rm -f SecList.zip

#Hacking-APIs (https://github.com/hAPI-hacker/Hacking-APIs)
#wget -c https://github.com/hAPI-hacker/Hacking-APIs/archive/refs/heads/main.zip -O HackingAPIs.zip && unzip HackingAPIs.zip && rm -f HackingAPIs.zip
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment