nahamsec / bbht Goto Github PK

Why making bash_profile function when make script on /usr/local/bin is more linux standard?? if you want i can make a pull request.

And 2nd, before hitting me lol i dont try to run lazyrecon, but it is odd to see on this bash_profile you make a cd to /tools/sqlmap or /tools/dirsearch when your install directory is ~/tools so wtf ??
and i can make a pull request to check if tools are already installed and making a symlink to ~/tools directory.

I dont hope answer because i saw the past issue/pull request lol but for those who are interested say it and i will fork this repo and make appropriate change. HF and thanks for this script man

xray is an excellent security assessment tool. It supports lots of web vulnerability detection and very fast.
Check it in https://github.com/chaitin/xray

Dear Sir,

Current version does not install gf, gau, waybackurls Ubuntu Or Kali Linux. It does not show installation path to add API, or other keys for censys, shodan based scripts or tools.

Second thing, please make it world no.01 web bug hunting installer by adding these top notch bug hunting tools.

Subdomains enumeration:

Amass
Assetfinder
Crobat
Findomain
Github-subdomains
Subfinder
Sudomy
subdomainizer
sublister
findomain

Subdomain Takeover:

Subover
Autosubtakeover
Tko-subs
Subjack

Cloud Workflow: AWS_Recon
festin
lazys3
s3brute
flumberboozle
slurp

DNS resolver

dnsx
MassDNS
PureDNS
ShuffleDNS
DNSvalidator

Visual Inspection - Screenshots

Aquatone
Gowitness
httpscreenshot

HTTP probe

httprobe
httpx

Web crawler / Content Discovery

Gospider
Hakrawler
ParamSpider
gau
waybackurls
paramspider
GF
GF_Pattern
Photon

Network scanner

Rustscan
Masscan
Naabu
Nmap
Brutespray

HTTP Parameter

Arjun
x8 *

Fuzzing tools

Ffuf
Gobuster
Wfuzz
Gobuster
Dirsearch
Dirb

LFI/RFI tools

LFISuite
Fimap

XPR1M3 / sqli-lfi-xss-rce-dorker-and-auto-exploiter-Python
https://github.com/XPR1M3/sqli-lfi-xss-rce-dorker-and-auto-exploiter-Python-.git

Spring4Shell:
redhuntlabs / Hunt4Spring | https://github.com/redhuntlabs/Hunt4Spring.git

Log4j:
log4jscan for Linux | https://github.com/intezer/log4jscan.git

SSRF tools

SSRFmap
Gopherus
Interactsh

SSTI tools

tplmap *

API hacking tools

Kiterunner + API routes

Wordlists

SecLists

Vulns - XSS

Dalfox
Bxss
XSpear
kxss
XSStrike
Gxss
FinDOM-XSS
X5S
Xenotix XSS Exploit Framework

Vulns - SQL Injection

SQLbit
BSQL hacker
SQLMap
SQLninja
Safe3 SQL injector
SQLSus
Mole
NoSQLMap
SQLmate
ATLAS (WAF Bypass Suggester for SQLmap)
SQLiScanner
AutoSQLi
Bypass-WAF-SQLMAP
KhetaguriDimitri/SQL-Injection
Agressiv1njector/psqli-pro
AngelSecurityTeam/SQLiDumper-AngelSecurityTeam
JohnTroony/Blisqy
quadcoreside/QuadCore-Web-SQLi-Injecter-DB-Dumper
enjoiz/BSQLinjector
lanmaster53/sqli-exploiter
Sqliv
Havij
BBQSQL
Leviathan
WhiteWidow
jSQL Injection

CMS Scanner

WPscan
droopescan
AEM-Hacker
Drupwn 
Wig

Vulns - Scanner

Jaeles
Nikto **
Nuclei

JavaScript hunting

LinkFinder
SecretFinder
subjs
GetJS

Find_Web_Technologies

Wappalyzer CLI

Git Hunting / GIT Enum Tools:

GitDorker *
gitGraber *
GitHacker *
GitTools *
Githound
Trufflehog
Gitscanner

Sensitive Stuff Finding

DumpsterDiver *
EarlyBird *
Ripgrep

Useful tools

anew
anti-burl
getallurls
gron
Interlace
jq *
qsreplace
Tmux
unfurl
Uro *

Web Exploitation Frameworks:

Sn1per
Vajra
Jok3r v3 beta
osmedeus
cobra
Arachni
TIDoS Framework
sudomy
Grabber
Vega
Zed Attack Proxy
Wapiti
W3af
WebScarab
Skipfish
Ratproxy
Wfuzz
Grendel-Scan
Watcher

JS Enumeration Tools:

jsscanner
jsparser
linkfinder

Fingerprint & CVE Tools:

nuclei
webtech
waf

Hi there

I modified this script to work for ZSH
https://github.com/NetanMangal/bbht
When i run it on kali linux, everything works fine as far as the script goes.

But when I do ls -lah in ~/tools folder, it shows only 3 tools installed...

However it works perfect on Ubuntu
What are the other changes that I need to do to make it run on ZSH kali

I am currently using kali in vmware. never faced this problem before but today when i install bbht i am getting error while using dirsearch.

is there any alternative tool?

thanks, explane in readme, i dont understand

what does this mean - One last time: don't forget to set up AWS credentials in ~/.aws/!
the folder is not located in root..

stuck at massdns step. ran it for more than 20 hours still the same.
it had a issue before where after complete scan when you open master report.html you see no urls in that report.
like the urls which shows you directory search results. these it just shows blank.

my pc is a beast and i have tired doing it in vbox,vmware, kali subsytem, ubuntu subsystem, and now finally tried 10 times in kali dual boot in seperate ssd.
please help and fix this. the script is really nice to automate when i sleep.

I had to load a very old snapshot amd reinstall almost everything, one thing is this, but the big problem is, when I install bbht at one point it says that I don't have go installed (even if I install go beforehand) and at one point theres a promo with something about grup and when I restart I just get a blackscreen

This script is very specific to Ubuntu and potentially even a specific Ubuntu version.
This is in part due to snapd being used but also relying on apt as packet manager.
To make this more portable adding a containerized version can go a long way.
Instead of having to adjust the script, the packet manager and tweak the settings, just running it in a container can be significantly easier.

In the repo https://github.com/nahamsec/recon_profile there is no file called bash_profile. The file is named .bash_profile.

Fix: change cat bash_profile >> ~/.bash_profile to cat .bash_profile >> ~/.bash_profile

Installed the scriptfile on a fresh Debuan VPS,(not running Kali)
Box on Vultr

Linux vultr.guest 4.19.0-5-amd64 #1 SMP Debian 4.19.37-5 (2019-06-19) x86_64 GNU/Linux

Getting this.
Listing subdomains using sublister...
Checking certspotter...
Checking http://crt.sh
Starting Massdns Subdomain discovery this may take a while
Massdns finished...
Started dns records check...
Looking into CNAME Records...
Starting discovery...
Probing for live hosts...
./lazyrecon.sh: line 74: httprobe: command not found
cat: ./greenpilled.com/recon-2019-07-30/urllist.txt: No such file or directory
Total of 1 live subdomains were found
Taking screenshots...
[+] 0 URLs to be screenshot
[+] 0 actual URLs screenshot
[+] 0 error(s)
Scraping wayback for data...
./lazyrecon.sh: line 49: waybackurls: command not found
./lazyrecon.sh: line 50: unfurl: command not found
Starting dirsearch..
Traceback (most recent call last):
File "/usr/local/bin/interlace", line 11, in
load_entry_point('Interlace==1.5.3', 'console_scripts', 'interlace')()
File "/usr/local/lib/python3.7/dist-packages/Interlace-1.5.3-py3.7.egg/Interlace/interlace.py", line 24, in main
File "/usr/local/lib/python3.7/dist-packages/Interlace-1.5.3-py3.7.egg/Interlace/interlace.py", line 10, in build_queue
File "/usr/local/lib/python3.7/dist-packages/Interlace-1.5.3-py3.7.egg/Interlace/lib/core/input.py", line 199, in process_commands
Exception: No target provided, or empty target list
Scan for xxx.com finished successfully
Scan completed in : 3 minutes and 13 seconds.

Not fully working, no screenshots for instance

echo "installing bash_profile aliases from recon_profile"
git clone https://github.com/nahamsec/recon_profile.git
cd recon_profile
cat bash_profile >> ~/.bash_profile <<<<< shouldnt this be cat .bash_profile >> ~/.bash_profile?
source ~/.bash_profile
cd ~/tools/
echo "done"

hi,
just tried the install script on kali or ubuntu, and got this error

install.sh 35: install.sh syntax error: "(" unexpected (expecting "fi")

hope it ll help
thxx for the great work

sudo apt-get -y upgrade
That wasn't funny at all...