GBounty is a multi-step website vulnerability scanner developed in Golang designed to help companies, pentesters, and bug hunters identify potential vulnerabilities in web applications.
Basically, extend `scan.CustomTokens` but from the command-line interface.

We can do the following:

- Add a flag like `-V` / `--variable` (or even `-var`) that accepts a format like `"{FOO}:BAR"`, so `{FOO}` tokens present in profiles get replaced with `"BAR"`. It should support being specified multiple times.
- Add a flag like `-VF` / `--variables-file` (or even `-varfile`) that accepts a text file with multiple lines, following the same convention as in the previous point.
- Make `gbounty` automatically check whether there is a `variables.txt` file within the specified profiles path and, if so, load it and use it by default.
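
A sketch of how the proposed `{FOO}:BAR` entries could be parsed and merged into one token map, as an added example that is not gbounty's own code. The function names and the rule that `-V` values override entries from the variables file are assumptions; the proposal does not define a precedence.

```go
package main

import (
	"bufio"
	"fmt"
	"io"
	"strings"
)

// parseVariable splits one "{NAME}:VALUE" entry at the first "}:" so values
// that contain colons (URLs, host:port) are kept whole.
func parseVariable(s string) (string, string, error) {
	name, value, ok := strings.Cut(strings.TrimSpace(s), "}:")
	if !ok || len(name) < 2 || name[0] != '{' {
		return "", "", fmt.Errorf("invalid variable %q, want {NAME}:VALUE", s)
	}
	return name + "}", value, nil
}

// resolveVariables merges a variables file (one entry per line, blank lines
// skipped) with the values of repeated -V flags. Flags are applied last so
// they win; that precedence is an assumption, the proposal defines none.
func resolveVariables(file io.Reader, flags []string) (map[string]string, error) {
	sc := bufio.NewScanner(file)
	var entries []string
	for sc.Scan() {
		if strings.TrimSpace(sc.Text()) != "" {
			entries = append(entries, sc.Text())
		}
	}
	if err := sc.Err(); err != nil {
		return nil, err
	}
	vars := map[string]string{}
	for _, e := range append(entries, flags...) {
		tok, val, err := parseVariable(e)
		if err != nil {
			return nil, err
		}
		vars[tok] = val
	}
	return vars, nil
}

func main() {
	file := strings.NewReader("{HOST}:file.example\n\n{CB}:http://cb.example:8080/x\n") // constructed sample
	vars, err := resolveVariables(file, []string{"{HOST}:cli.example", "{EMPTY}:"})
	fmt.Println(vars, err)
}
```

Splitting on the first plain `:` instead would truncate any value that is itself a URL, which is a common replacement for callback or host tokens.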