Setup Bug Bounty Tools on AWS instance / any VPS for that matter
# Execute as wget -O - gist_url | bash
# Couldn't add gist url as, it changes after every update i.e. as soon as I save this, it's url will change :p
# It's debian based, so for centos and likewise you have to change apt to yum and similarly
#
# Unattended provisioning script for a Debian/Ubuntu-based bug-bounty tooling box: installs apt/pip/gem/go
# packages, clones a set of tools under ~/tools, downloads wordlists and writes PATH/ulimit settings to
# ~/.bashrc and ~/.profile. There is no `set -e`, so a failing step does not stop the script; every later step
# runs regardless, including relative-path `rm -rf` calls whose effect depends on an earlier `cd` having worked.
# NOTE(review): this listing has lost every download/clone URL (empty "" arguments, bare `git clone`, `wget`,
# `go get`) and the `else`/`fi` lines of its if-blocks, so it will not run as shown — restore them from the gist.
# NOTE(review): `wget -O - url | bash` executes an unpinned, editable remote script as root; pin the gist to a
# specific revision and read it before feeding it to a shell.
# Assumes it runs as root with HOME=/root (the script mixes `~/tools` and `/root/tools` for the same directory).
InstallationStartTime=$(date +%s)
#### COLORS #### ( Taken from : )
# NOTE(review): LIGHT_YELLOW, LIGHT_GREEN, RED, BOLD and NORMAL are used throughout but not defined in this
# listing (the color block appears to have been dropped); unset, they expand to empty and output is uncolored.
# Third-party PPA for rvm; the same PPA is added again in the wpscan section below.
apt-add-repository -y ppa:rael-gc/rvm
apt update -yq # && apt upgrade -y # Do it manually, cause there are some whiptail menus that aren't automated yet and
# thus cause problems
# NOTE(review): "pzip-full" looks like a typo for p7zip-full (7z is needed by the gobuster step below); an unknown
# package name makes apt-get abort this whole install line, so none of the listed packages would be installed.
apt-get install -yq python unzip curl git gcc make libpcap-dev python3 python-pip python3-pip clang nmap pzip-full python3.6-dev
# Pinned; the only pip install in this script with a version constraint.
pip install rdpy==1.3.2
timedatectl set-timezone Asia/Kolkata
echo -e "\n${LIGHT_YELLOW}Delete older go binary ${NORMAL}\n"
# Backtick substitution with an unquoted path; if no go is on PATH, rm runs with no operand and only prints an error.
original_go=`which go`
rm $original_go
echo -e "\n${LIGHT_YELLOW}Download go from golang website to install v1.10.3, as subfinder requires v1.10+ ${NORMAL}\n"
# Expects go1.10.3.linux-amd64.tar.gz in the current directory; the download line is not present in this listing.
tar -C /usr/local -xzf go1.10.3.linux-amd64.tar.gz
# Double quotes expand $PATH now, so the current PATH value is baked into .profile instead of a literal $PATH.
echo "export PATH=$PATH:/usr/local/go/bin" >> $HOME/.profile
rm go1.10.3.linux-amd64.tar.gz
echo -e "\n${LIGHT_YELLOW}Reload .bashrc and .profile ${NORMAL}\n"
# Sourced inside the script so /usr/local/go/bin is on PATH for the `go get` steps that follow.
source $HOME/.profile
source $HOME/.bashrc
# Created relative to the current directory; if mkdir fails (e.g. tools already exists) the cd is skipped and the
# steps up to the next absolute `cd ~/tools` run from the wrong directory.
mkdir tools && cd tools
echo -e "\n${LIGHT_YELLOW}Present Working Directory : "$PWD${NORMAL}
# git clone && echo -e "\n${LIGHT_YELLOW}Running setup/ ${NORMAL}\n"
# Not using master repo cause, it has wrong options for extracting bzip2 archive type
# Also changed the download source to google drive so as to fasten the downloading process
# git clone && echo -e "\n${LIGHT_YELLOW}Running setup/ ${NORMAL}\n"
# cd EyeWitness/setup
# sh
# cd ..
# Only download new phantomJS if the original EyeWitness failed
# Use the following commented code if using FortyNorthSecurity's repo, as the extracted phantomJS is wrong
# curl -L -o phantomjs-2.1.1-linux-x86_64.tar.bz2 "" -O phantomjs-2.1.1-linux-x86_64.tar.bz2
# tar jxf phantomjs-2.1.1-linux-x86_64.tar.bz2
# cp phantomjs-2.1.1-linux-x86_64/bin/phantomjs bin
# rm -rf phantomjs-2.1.1-linux-x86_64
# rm phantomjs-2.1.1-linux-x86_64.tar.bz2
# curl -L -o geckodriver-v0.13.0-linux32.tar.gz "" -O geckodriver-v0.13.0-linux32.tar.gz
# tar jxf geckodriver-v0.13.0-linux32.tar.gz
# cp geckodriver-v0.13.0-linux32/bin/phantomjs bin
# rm geckodriver-v0.13.0-linux32.tar.gz
# rm -rf geckodriver-v0.13.0-linux32
cd ~/tools
git clone && echo -e "\n${LIGHT_YELLOW}Installing CloudScraper's requirements.txt ${NORMAL}\n"
pip install -r CloudScraper/requirements.txt
# --- subfinder ---
# The if below has lost its else/fi in this listing: the first three lines are the success branch, the
# "Try reinstalling" lines are the failure branch.
go get
if [ $? -eq 0 ]; then
mv ~/go/bin/subfinder /usr/bin/
echo -e "\n${LIGHT_YELLOW} Installed subfinder ${NORMAL}\n"
# Relative path, no set -e: removes ./subfinder from whatever the current directory is at this point.
rm -rf subfinder
echo -e "\n${LIGHT_YELLOW}Try reinstalling subfinder manually ${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}RUN : go get ${NORMAL}\n"
# --- massdns ---
cd ~/tools
git clone && echo -e "\n${LIGHT_YELLOW}Making and copying massdns to /usr/bin/ ${NORMAL}\n"
cd massdns
# As listed, $? here is the exit status of `cd massdns`, not of a build; a make step may have been dropped
# from the listing — confirm against the gist. else/fi are missing as in the block above.
if [ $? -eq 0 ]; then
mv /root/tools/massdns/bin/massdns /usr/bin/ && cd - # go back to main directory
mkdir /root/tools/massdns_lists
# Destination massdns_lists/massdns_lists/ is never created (only massdns_lists is, one line up), so this mv
# is expected to fail and the lists stay inside the clone that is removed on the next line.
mv /root/tools/massdns/lists/* /root/tools/massdns_lists/massdns_lists/
rm -rf massdns
echo -e "\n${LIGHT_YELLOW}Installed massdns ${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}Try reinstalling massdns manually ${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}RUN : git clone ${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}And then cd into the directory and issue make command ${NORMAL}\n"
# --- masscan ---
echo -e "\n${LIGHT_YELLOW}Proceeding with installation of masscan ${NORMAL}\n"
git clone && echo -e "\n${LIGHT_YELLOW}Making masscan ${NORMAL}\n"
cd masscan
# -j with no job count lets make run an unlimited number of parallel jobs; on a small VPS this can exhaust
# memory — prefer -j"$(nproc)".
make -j
if [ $? -eq 0 ]; then
mv ./bin/masscan /usr/bin/ && cd - # go back to main directory
rm -rf masscan && echo -e "\n${LIGHT_YELLOW}Deleted masscan github local clone ${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}Installed masscan ${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}Try reinstalling masscan manually ${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}RUN : git clone ${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}And then cd into the directory and issue make command ${NORMAL}\n"
# --- waybackurls ---
go get && echo -e "\n${LIGHT_YELLOW}Got waybackurls ;) ${NORMAL}\n"
mv ~/go/bin/waybackurls /usr/bin/
# Checks the mv, so a failed `go get` is reported here as a missing binary.
if [ $? -eq 0 ]; then
echo -e "\n${LIGHT_YELLOW}Installed waybackurls ${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}Try reinstalling waybackurls manually ${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}RUN : go get && echo \"Got waybackurls ;)\" ${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}Then move the binary from ~/go/bin/ to /usr/bin/ ${NORMAL}\n"
git clone && echo -e "\n${LIGHT_YELLOW}Cloned Brutespray ${NORMAL}\n"
# --- amass (prebuilt release archive) ---
echo -e "\n${LIGHT_YELLOW}\n Downloading amass \n ${NORMAL}\n"
wget "" -O
echo -e "\n${LIGHT_YELLOW}Extracting amass to /usr/bin/ ${NORMAL}\n"
# Unpacks a downloaded archive straight into /usr/bin with overwrite (-o) and no integrity check of what was
# fetched; compare the archive's hash with the one published on the project's release page before extracting
# into a system binary directory.
unzip -o -d /usr/bin/
if [ $? -eq 0 ]; then
echo -e "\n${LIGHT_YELLOW}Installed amass ${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}Try redownloading amass ${NORMAL}\n"
# apache2 is installed here and used below to serve JS-Scan from the webroot.
apt-get install -yq python-virtualenv bc locate dnsutils apache2 tree
# Single & runs the cd in a background subshell, so this script's working directory does NOT change here; the
# clone and chmod below land in whatever directory the previous step left. The next `cd ~/tools &&` corrects it.
cd ~/tools & echo -e "\n${LIGHT_YELLOW}Cloning JS-scan ${NORMAL}\n"
git clone
chmod o+x JS-Scan
# Symlinks the cloned tool directory under the apache webroot, so its contents are readable by anyone who can
# reach port 80 on this host; confirm that is intended and that the web server is not exposed more widely than
# needed (firewall / security group).
ln -s "/root/tools/JS-Scan" /var/www/html/JS-Scan
cd ~/tools && echo -e "\n${LIGHT_YELLOW}Cloning bucketkicker ${NORMAL}\n"
git clone
pip3 install -r ~/tools/bucketkicker/requirements.txt
# The pip/pip3 installs from here on are unpinned; for a reproducible image pin versions (or use a
# requirements file with hashes).
echo -e "\n${LIGHT_YELLOW}Installing trufflehog ${NORMAL}\n"
pip install truffleHog
echo -e "\n${LIGHT_YELLOW}Installing wafw00f ${NORMAL}\n"
pip install wafw00f
echo -e "\n${LIGHT_YELLOW}Installing whatweb ${NORMAL}\n"
apt-get install -yq whatweb
echo -e "\n${LIGHT_YELLOW}Installing snallygaster ${NORMAL}\n"
pip3 install snallygaster
cd ~/tools && echo -e "\n${LIGHT_YELLOW}Installing SubOver ${NORMAL}\n"
go get
mkdir -p ~/tools/SubOver
mv ~/go/bin/SubOver ~/tools/SubOver
# Source path lost from the listing (bare ~/go/src/).
cp ~/go/src/ ~/tools/SubOver
cd ~/tools && echo -e "\n${LIGHT_YELLOW}Cloning CloudFlare-Enum ${NORMAL}\n"
git clone
cd ~/tools && echo -e "\n${LIGHT_YELLOW}Cloning AWS-Bruteforcer ${NORMAL}\n"
git clone
cd aws-s3-bruteforce
pip install boto
cd ~/tools
# Although cloning Goohak and GoogD0rker but need to make a workaround for google's IP restriction on advanced search
# Cause these are not working for me
echo -e "\n${LIGHT_YELLOW}For Goohak and GoogD0rker pip install google ${NORMAL}\n"
pip install google
cd ~/tools && echo -e "\n${LIGHT_YELLOW}Cloning Goohak ${NORMAL}\n"
git clone
chmod +x Goohak/goohak
cd ~/tools && echo -e "\n${LIGHT_YELLOW}Cloning GoogD0rker${NORMAL}\n"
# Using my own fork as the owner has still to merge my PR on his repo
git clone
cd ~/tools && echo -e "\n${LIGHT_YELLOW}Installing brakeman : For RoR applications ${NORMAL}\n"
# Alternative : gem install brakeman
# Using git method so as to install the latest brakeman
git clone
cd brakeman
gem build brakeman.gemspec
gem install brakeman-*.gem
# Copies the repo's bin wrappers out before deleting the clone; the gem installed above is what they need.
mv ~/tools/brakeman/bin/brakeman /usr/local/bin/
mv ~/tools/brakeman/bin/codeclimate-brakeman /usr/local/bin/
rm -rf ~/tools/brakeman
cd ~/tools && echo -e "\n${LIGHT_YELLOW}Installing gitleaks ${NORMAL}\n"
go get -u
cd ~/tools && echo -e "\n${LIGHT_YELLOW}Installing subjack${NORMAL}\n"
go get
# cp ~/go/src/
cd ~/tools && echo -e "\n${LIGHT_YELLOW}Downloading aquatone binary${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}Check the latest binaries at :${NORMAL}\n"
# Prebuilt binary fetched with no checksum verification (URL lost from the listing).
wget ""
cd ~/tools && echo -e "\n${LIGHT_YELLOW}Installing chromium for aquatone${NORMAL}\n"
git clone
# Runs a script from the freshly cloned repo as root; the script name is missing from this listing.
cd chromium-latest-linux && sh
# for running chromium
apt-get install -yq --no-install-recommends libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 libnss3
cd ~/tools && echo -e "\n${LIGHT_YELLOW}Getting all wordlists from gdrive, wordlists contain jhaddix's all.txt and massdns as well as subrute's names.txt ${NORMAL}\n"
mkdir wordlists
# Archive name/URL lost from the listing (wget -O and unzip have no operand).
wget "" -O
unzip -o -d wordlists
cd ~/tools && echo -e "\n${LIGHT_YELLOW}Downloading dirbuster wordlists ${NORMAL}\n"
wget "" -O
unzip -o -d wordlists
# Finally when all is set and folder's deleted
# Get the scripts, it's in a gist
echo -e "\n${LIGHT_YELLOW}Getting the scripts ;\) ${NORMAL}\n"
wget "" -O
unzip -j -d scripts
# Marks everything unpacked from the downloaded archive executable.
chmod +x ~/tools/scripts/*
# for i in $( ls scripts/*.sh ); do
# dir=$( echo $i | cut -d"/" -f2 | cut -d"." -f1)
# chmod +x $i
# if [ "$dir" != "brutespray" ]; then # Cause we need to move into brutespray where the is originally
# mkdir $dir
# mv $i $dir
# fi
# done
# rm -rf scripts/
# NOTE(review): ~/tools/massdns was removed by `rm -rf massdns` in the massdns block above, so unless the
# `cd` fails here the clone lands in the current directory instead — verify against the gist.
cd ~/tools/massdns/ && git clone
mv subbrute/* .
rm -rf subbrute
pip install wfuzz
cd ~/tools
# Both wget/chmod pairs have lost their file names in this listing.
wget -O ""
chmod +x
wget -O ""
chmod +x
apt autoremove -y
# Builds nmap from source and installs it over the apt-installed nmap from the first apt-get line.
echo -e "\n${LIGHT_YELLOW}Building nmap from git ${NORMAL}\n"
cd ~/tools
git clone
cd nmap && sh ./configure
make install
echo -e "\n${LIGHT_YELLOW}Installing wpscan requirements ${NORMAL}\n"
apt-get -yq install libcurl4-openssl-dev libxml2 libxml2-dev libxslt1-dev ruby-dev build-essential libgmp-dev zlib1g-dev gcc git ruby make software-properties-common
# Same PPA as at the top of the script; adding it twice is harmless but redundant.
apt-add-repository -y ppa:rael-gc/rvm
apt-get update
# First call has no -y and will prompt (blocking an unattended run); the next line repeats it with -yq.
apt-get install rvm
apt-get -yq install rvm
cd ~
# Script name under /etc/profile.d/ lost from the listing.
source /etc/profile.d/
rvm install 2.5.1
rvm use 2.5.1 --default
echo -e "gem: --no-ri --no-rdoc" > ~/.gemrc
#echo -e "source /usr/local/rvm/scripts/rvm" >> ~/.bashrc
cd ~/tools
echo -e "${LIGHT_YELLOW}Cloning wpscan ${NORMAL}"
git clone
cd wpscan
gem install bundler
bundle install --without test
### Install gobuster ####
echo -e "\n${LIGHT_YELLOW}Installing gobuster ${NORMAL}\n"
cd ~/tools && wget
# Needs the 7z binary from p7zip-full (see the package-name note on the first apt-get line).
7z x gobuster-linux-amd64.7z
mv gobuster-linux-amd64/gobuster .
rm -rf gobuster-linux-amd64/
chmod +x ~/tools/gobuster
# cat targets.txt | while read line; do gobuster -f -k -e -to 5s -t 40 -w ~/tools/wordlists/starter.txt -u "$line" | tee out.txt ; done
echo -e "${LIGHT_YELLOW}Setting ulimit to 100000 ${LIGHT_GREEN}( so as to make gobuster work fine with 100 threads ) ${NORMAL}"
# Raises the open-file limit for every future interactive shell, not just gobuster.
echo "ulimit -n 100000" >> ~/.bashrc
### Install searchsploit ####
echo -e "\n${LIGHT_YELLOW}Installing searchsploit${NORMAL}\n"
# /opt already exists on Debian-based systems; this mkdir just reports an error (no set -e).
mkdir /opt
git clone /opt/exploitdb
sed 's|path_array+=(.*)|path_array+=("/opt/exploitdb")|g' /opt/exploitdb/.searchsploit_rc > ~/.searchsploit_rc
ln -sf /opt/exploitdb/searchsploit /usr/local/bin/searchsploit
# Captured before the PATH lines below, so the reported total excludes them (negligible).
InstallationCompletionTime=$(date +%s)
echo -e "\n${LIGHT_YELLOW}Setting up GOPATH and GO bin in path ${NORMAL}\n"
echo "export GOPATH=$HOME/go" >> ~/.bashrc
# Both $PATH and $GOPATH are expanded by this shell at write time. The line above only appended text to
# .bashrc and did not export GOPATH in this shell, so unless GOPATH was already in the environment the last
# entry written is "/bin" rather than "$HOME/go/bin". Use single quotes (or escape the $) to write them literally.
echo "PATH=$PATH:/root/tools/chromium-latest-linux/latest/chrome-linux:/root/tools:$GOPATH/bin" >> ~/.bashrc
echo -e "${LIGHT_GREEN}Setup Complete Bug Bounty tools :) :) ${NORMAL}\n"
echo -e "${BOLD}Usage : ./ domain basic|advanced${NORMAL}\n"
echo -e "Total Time taken : ${LIGHT_GREEN}$(( $InstallationCompletionTime-$InstallationStartTime )) ${NORMAL}seconds"
echo -e "\n${LIGHT_YELLOW}e.g. ./ basic|advanced ${NORMAL}\n"
echo -e "\n"
echo -e "${RED}Don't forget to add subfinder's config.json at ~/.config/subfinder/config.json${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}Also check for aquatone's latest binaries at :${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}Enjoy :) ${NORMAL}\n"