A tool to automate a bugbounty process as: Tool will execute multiple tools to collect URLs from internet archives then use some useful patterns/RegEx to look for Sensitive Data Leakage in the form of multiple juicy extensions.
Back-Me-Up is a powerful shell script tool designed to automate the bug bounty process by collecting URLs from internet archive data and searching for sensitive data leakage in the form of juicy extensions. The tool utilizes multiple tools, including gau
, gauplus
, cariddi
, waymore
, gospider
, crawley
, hakrawler
,katana
, and waybackurls
to streamline the process.
[+] go
[+] cariddi
[+] waybackurls
[+] git
[+] waymore
[+] gau
[+] pip3
[+] gauplus
[+] katana
[+] gospider
[+] crawley
[+] httpx
[+] anew
[+] curl
[+] hakrawler
Clone the repo: git clone https://github.com/Dheerajmadhukar/back-me-up.git
Change dir & run the script: cd back-me-up/
To check installed prerequisite packages/tools/libs :
bash backmeup.sh --check/-c
To install all the prerequisite packages/tools/libs :
bash backmeup.sh --install/-i
To use Back-Me-Up, run the following command:
bash backmeup.sh --help/-h
Back-Me-Up works by combining the power of multiple tools to automate the bug bounty process. Here's a high-level overview of the process:
gau
, gauplus
, waybackurls
, cariddi
, waymore
, gospider
, crawley
, hakrawler
and katana
to gather URLs from internet archive data.$ cat ext.txt
dat,rtf,xls,ppt,sdf,odf,pptx,xlsx,exe,lnk,7z,bin,part,pdb,cgi,crdownload,ini,zipx,bak,torrent,jar,sys,deb,sh,docm,mdb,xla,zip,tar.gz,txt,json,csv,doc,docx,git,pem,bash_history,db,key,tar,log,sql,accdb,dbf,apk,cer,cfg,rar,sln,tmp,dll,iso,c,cpp,tgz,sqlite,pgsql.txt,mysql.txt,gz,config,backup,bkp,crt,eml,java,lst,passwd,pl,pwd,dir,orig,bz2,old,vbs,img,inf,py,vbproj,war,go,psql,sql.gz,vb,webinfo,jnlp,temp,webproj,xsql,raw,inc,lck,nz,rc,html.gz,env,yml,save,save.1,ovpn,secret,secrets,access,gitignore,properties,dtd,conf,configs,xml,rb,yaml,toml,tar.bz2,dochtml,odt,pdf,action,adr,ascx,asmx,axd,bkf,bok,achee,cfm,cnf,csr,ica,mai,mbox,mbx,md,nsf,ora,pac,pcf,pgp,plist,rdp,reg,skr,swf,tpl,url,wml,xsd,swp,bac,BAK,NEW,_bak,_old,bak1,lock,atom,_backup,~,%01,(1),gzip,cab,mysql-pconnect,mysql-connect
$ echo "db" >> ext.txt
Back-Me-Up is designed for responsible use in legitimate penetration testing and bug bounty programs. Misuse of this tool may lead to legal consequences. The author is not responsible for any misuse of this tool.
╔════════[ me_dheeraj ]════════════╗
╚═════════════════════════════╝
If you find Back-Me-Up useful, consider buying me a beer to support future development: