A multiplatform bug bounty toolkit that can be installed on Debian/Ubuntu or setup with Docker.

Github Repository: https://github.com/AlexisAhmed/BugBountyToolkit

Why should you use this toolkit?

  • This toolkit offers a multiplatform base to work with as the script can be installed on Linux, set up with Docker, or installed on Windows with WSL (Windows Subsystem For Linux).
  • The installer script can be customized to add or remove specific tools based on your requirements.
  • Tools are constantly being added, updated, and fixed.
  • Pull once. Update as needed.

Docker Pull & Run Instructions

Docker Hub Link: https://hub.docker.com/r/hackersploit/bugbountytoolkit

docker pull hackersploit/bugbountytoolkit
docker run -it hackersploit/bugbountytoolkit /bin/bash


Docker Build Instructions

docker build . -t hackersploit/bugbountytoolkit

Installation Instructions – Ubuntu/Debian

git clone https://github.com/AlexisAhmed/BugBountyToolkit.git
cd BugBountyToolkit
chmod +x install.sh

Running Multiple Sessions

You can run multiple sessions/tools on the same container by utilizing the exec command. You can use the exec command to deploy more than one session for each container. This can be done by running the following command for every new session:

docker exec -it <ID> /bin/bash

Running multiple sessions with Tmux

tmux is a terminal multiplexer for Unix-like operating systems. It allows multiple terminal sessions to be accessed simultaneously in a single window. It is useful for running more than one command-line program at the same time.

Installed Tools

  •  altdns
  •  amass
  •  bucket_finder
  •  CloudFlair
  •  commix
  •  dirb
  •  dirsearch
  •  dnsenum
  •  dnsrecon
  •  dotdotpwn
  •  fierce
  •  gobuster
  •  joomscan
  •  Knockpy
  •  masscan
  •  massdns
  •  Nikto
  •  Nmap
  •  Recon-ng
  •  s3recon
  •  sqlmap
  •  subfinder
  •  Sublist3r
  •  teh_s3_bucketeers
  •  thc-hydra
  •  theHarvester
  •  tmux
  •  virtual-host-discovery
  •  wafw00f
  •  wfuzz
  •  whatweb
  •  wpscan
  •  XSStrike
  •  zsh


  • SecLists

Tools being added

  •  aquatone
  •  AWSBucketDump
  •  CommonSpeak
  •  gitrob
  •  Lazys3
  •  Sn1per
  •  unfurl