NAME

Command Line tools useful during Bug Bounty / Penetration testing. Focused on Web targets.

Installation 📥

• git clone https://github.com/edoardottt/lit-bb-hack-tools
• cd lit-bb-hack-tools
• make build

Then use the tools as described in the README in each tools folder.

• make clean (uninstall)
• make update (update)

Tools list 📃

• eae Take as input on stdin a list of urls and print on stdout all the extensions sorted.
• heacoll Take as input on stdin a list of urls and print on stdout all the unique headers found.
• removepro Take as input on stdin a list of urls and print on stdout all the unique urls without protocols.
• subtake Take as input on stdin a list of urls and print on stdout CNAME records found with dig.
• eap Take as input on stdin a list of urls and print on stdout all the protocols sorted.
• gitdump It prints all the matches in a git repository with a specified pattern.
• removehost Take as input on stdin a list of urls and print on stdout all the unique queries without protocol and host.
• chainredir Take as input a URL and print on stdout all the redirects.
• tahm Take as input on stdin a list of urls and print on stdout all the status codes and body sizes for HTTP methods.
• robotstxt Take as input on stdin a list of urls and print on stdout all the unique paths found in the robots.txt file.
• cleanpath Take as input on stdin a list of urls/paths and print on stdout all the unique paths (at any level).
• eefjsf Take as input on stdin a list of js file urls and print on stdout all the unique endpoints found.
• bbtargets Produce as output on stdout all the bug bounty targets found on Chaos list by Project Discovery.
• nrp Take as input on stdin a list of domains and print on stdout all the unique domains without redirects.
• eah Take as input on stdin a list of urls and print on stdout all the hosts sorted.
• doomxss Take as input on stdin a list of html/js file urls and print on stdout all the possible DOM XSS sinks found.
• eaparam Take as input on stdin a list of urls and print on stdout all the unique parameters.
• bbscope Take as input on stdin a list of urls or subdomains and a BurpSuite Configuration file and print on stdout all in scope items.
• eapath Take as input on stdin a list of urls and print on stdout all the unique urls without queries.
• rpfu Take as input on stdin a list of urls and print on stdout all the unique urls without ports (if 80 or 443).
• rapwp Take as input on stdin a list of urls and a payload and print on stdout all the unique urls with ready to use payloads.
• checkbypass Take as input on stdin a payload and print on stdout all the successful WAF bypasses.
• knoxssme Take as input on stdin a list of urls and print on stdout the results from Knoxss.me API.
• genscope Take as input a file containing a list of (sub)domains (wildcards allowed) and produce a BurpSuite Configuration file.
• kubemetrics Take as input on stdin a list of urls and print on stdout all the unique paths and urls found in the /metrics endpoint.
• earh Take as input on stdin a list of urls and print on stdout all the unique root hosts.

Changelog 📌

Detailed changes for each release are documented in the release notes.

Contributing 🤝

If you want to contribute to this project, you can start opening an issue.

Before opening a pull request, download golangci-lint and run

golangci-lint run

If there aren't errors, go ahead :)

License 📝

This repository is under GNU General Public License v3.0.
edoardottt.com to contact me.