Command Line tools useful during Bug Bounty / Penetration testing. Focused on Web targets.
Installation π₯
git clone https://github.com/edoardottt/lit-bb-hack-tools
cd lit-bb-hack-tools
make build
Then use the tools as described in the README in each tools folder.
-
make clean
(uninstall)
-
make update
(update)
Tools list π
-
eae Take as input on stdin a list of urls and print on stdout all the extensions sorted.
-
heacoll Take as input on stdin a list of urls and print on stdout all the unique headers found.
-
removepro Take as input on stdin a list of urls and print on stdout all the unique urls without protocols.
-
subtake Take as input on stdin a list of urls and print on stdout CNAME records found with
dig
.
-
eap Take as input on stdin a list of urls and print on stdout all the protocols sorted.
-
gitdump It prints all the matches in a git repository with a specified pattern.
-
removehost Take as input on stdin a list of urls and print on stdout all the unique queries without protocol and host.
-
chainredir Take as input a URL and print on stdout all the redirects.
-
tahm Take as input on stdin a list of urls and print on stdout all the status codes and body sizes for HTTP methods.
-
robotstxt Take as input on stdin a list of urls and print on stdout all the unique paths found in the robots.txt file.
-
cleanpath Take as input on stdin a list of urls/paths and print on stdout all the unique paths (at any level).
-
eefjsf Take as input on stdin a list of js file urls and print on stdout all the unique endpoints found.
-
bbtargets Produce as output on stdout all the bug bounty targets found on Chaos list by Project Discovery.
-
nrp Take as input on stdin a list of domains and print on stdout all the unique domains without redirects.
-
eah Take as input on stdin a list of urls and print on stdout all the hosts sorted.
-
doomxss Take as input on stdin a list of html/js file urls and print on stdout all the possible DOM XSS sinks found.
-
eaparam Take as input on stdin a list of urls and print on stdout all the unique parameters.
-
bbscope Take as input on stdin a list of urls or subdomains and a BurpSuite Configuration file and print on stdout all in scope items.
-
eapath Take as input on stdin a list of urls and print on stdout all the unique urls without queries.
-
rpfu Take as input on stdin a list of urls and print on stdout all the unique urls without ports (if 80 or 443).
-
rapwp Take as input on stdin a list of urls and a payload and print on stdout all the unique urls with ready to use payloads.
-
checkbypass Take as input on stdin a payload and print on stdout all the successful WAF bypasses.
-
knoxssme Take as input on stdin a list of urls and print on stdout the results from Knoxss.me API.
-
genscope Take as input a file containing a list of (sub)domains (wildcards allowed) and produce a BurpSuite Configuration file.
-
kubemetrics Take as input on stdin a list of urls and print on stdout all the unique paths and urls found in the /metrics endpoint.
-
earh Take as input on stdin a list of urls and print on stdout all the unique root hosts.
Changelog π
Detailed changes for each release are documented in the release notes.
Contributing π€
If you want to contribute to this project, you can start opening an issue.
Before opening a pull request, download golangci-lint and run
golangci-lint run
If there aren't errors, go ahead :)
License π
This repository is under GNU General Public License v3.0.
edoardoottavianelli.it to contact me.