Command Line tools useful during Bug Bounty / Penetration testing. Focused on Web targets.
Installation π₯
git clone https://github.com/edoardottt/lit-bb-hack-toolscd lit-bb-hack-toolsmake build
Then use the tools as described in the README in each tools folder.
make clean(uninstall)make update(update)
Tools list π
- eae Take as input on stdin a list of urls and print on stdout all the extensions sorted.
- heacoll Take as input on stdin a list of urls and print on stdout all the unique headers found.
- removepro Take as input on stdin a list of urls and print on stdout all the unique urls without protocols.
- subtake Take as input on stdin a list of urls and print on stdout CNAME records found with
dig. - eap Take as input on stdin a list of urls and print on stdout all the protocols sorted.
- gitdump It prints all the matches in a git repository with a specified pattern.
- removehost Take as input on stdin a list of urls and print on stdout all the unique queries without protocol and host.
- chainredir Take as input a URL and print on stdout all the redirects.
- tahm Take as input on stdin a list of urls and print on stdout all the status codes and body sizes for HTTP methods.
- robotstxt Take as input on stdin a list of urls and print on stdout all the unique paths found in the robots.txt file.
- cleanpath Take as input on stdin a list of urls/paths and print on stdout all the unique paths (at any level).
- eefjsf Take as input on stdin a list of js file urls and print on stdout all the unique endpoints found.
- bbtargets Produce as output on stdout all the bug bounty targets found on Chaos list by Project Discovery.
- nrp Take as input on stdin a list of domains and print on stdout all the unique domains without redirects.
- eah Take as input on stdin a list of urls and print on stdout all the hosts sorted.
- doomxss Take as input on stdin a list of html/js file urls and print on stdout all the possible DOM XSS sinks found.
- eaparam Take as input on stdin a list of urls and print on stdout all the unique parameters.
- bbscope Take as input on stdin a list of urls or subdomains and a BurpSuite Configuration file and print on stdout all in scope items.
- eapath Take as input on stdin a list of urls and print on stdout all the unique urls without queries.
- rpfu Take as input on stdin a list of urls and print on stdout all the unique urls without ports (if 80 or 443).
- rapwp Take as input on stdin a list of urls and a payload and print on stdout all the unique urls with ready to use payloads.
- checkbypass Take as input on stdin a payload and print on stdout all the successful WAF bypasses.
- knoxssme Take as input on stdin a list of urls and print on stdout the results from Knoxss.me API.
- genscope Take as input a file containing a list of (sub)domains (wildcards allowed) and produce a BurpSuite Configuration file.
- kubemetrics Take as input on stdin a list of urls and print on stdout all the unique paths and urls found in the /metrics endpoint.
- earh Take as input on stdin a list of urls and print on stdout all the unique root hosts.
Changelog π
Detailed changes for each release are documented in the release notes.
Contributing π€
If you want to contribute to this project, you can start opening an issue.
Before opening a pull request, download golangci-lint and run
golangci-lint runIf there aren't errors, go ahead :)
License π
This repository is under GNU General Public License v3.0.
edoardottt.com to contact me.