Bug Bounty Toolkit – A multi-platform bug bounty toolkit

A multi-platform bug bounty toolkit that can be installed on Debian/Ubuntu or setup with Docker.

Github Repository: https://github.com/AlexisAhmed/BugBountyToolkit

Why should you use this toolkit?

• This toolkit offers a multi-platform base to work with as the script can be installed on Linux, set up with Docker, or installed on Windows with WSL (Windows Subsystem For Linux).
• The installer script can be customized to add or remove specific tools based on your requirements.
• Tools are constantly being added, updated, and fixed.
• Pull once. Update as needed.

Docker Pull & Run Instructions

Docker Hub Link: https://hub.docker.com/r/hackersploit/bugbountytoolkit

docker pull hackersploit/bugbountytoolkit

docker run -it hackersploit/bugbountytoolkit

Docker Build Instructions

docker build . -t hackersploit/bugbountytoolkit

Installation Instructions – Ubuntu/Debian

git clone https://github.com/AlexisAhmed/BugBountyToolkit

cd BugBountyToolkit

chmod +x install.sh

./install.sh

Running Multiple Sessions

You can run multiple sessions/tools on the same container by utilizing the exec command. You can use the exec command to deploy more than one session for each container. This can be done by running the following command for every new session:

docker exec -it <ID> /bin/bash

Installed Tools

•  altdns
•  amass
•  bucket_finder
•  CloudFlair
•  commix
•  dirb
•  dirsearch
•  dnsenum
•  dnsrecon
•  dotdotpwn
•  fierce
•  gobuster
•  joomscan
•  Knockpy
•  masscan
•  massdns
•  Nikto
•  Nmap
•  Recon-ng
•  s3recon
•  sqlmap
•  subfinder
•  Sublist3r
•  teh_s3_bucketeers
•  thc-hydra
•  theHarvester
•  tmux
•  virtual-host-discovery
•  wafw00f
•  wfuzz
•  whatweb
•  wpscan
•  XSStrike
•  zsh

Wordlists

• SecLists

Tools being added

•  aquatone
•  AWSBucketDump
•  CommonSpeak
•  gitrob
•  Lazys3
•  Sn1per
•  unfurl