Setup Bug Bounty Tools on AWS instance / any VPS for that matter

setup_bbty.sh

#!/bin/bash

#
# Execute as wget -O - https://gist.github.com/LuD1161/66f30da6d8b6c1c05b9f6708525ea885/raw | bash 
# # Thanks JeffreyShran for the gist url thing
#
#
# It's debian based, so for centos and likewise you have to change apt to yum and similarly 
#
InstallationStartTime=$(date +%s)
#### COLORS #### ( Taken from : https://misc.flogisoft.com/bash/tip_colors_and_formatting )
NORMAL='\e[0m'
RED='\e[31m'
LIGHT_GREEN='\e[92m'
LIGHT_YELLOW='\e[93m'
BLINK='\e[5m'
BOLD='\e[1m'
UNDERLINE='\e[4m'
###############
mkdir ~/tools
apt update -yq && apt upgrade -yq	# Do it manually, cause there are some whiptail menus that aren't automated yet and 
 					                # thus cause problems
# change python3 to python and set priority of 10 - https://stackoverflow.com/a/50331137
update-alternatives --install /usr/bin/python python /usr/bin/python3 10
apt install -yq wget unzip curl screen git gcc make libpcap-dev python3-pip clang nmap python3-dev build-essential libssl-dev libffi-dev python3-venv p7zip-full p7zip-rar tree software-properties-common
apt-add-repository -y ppa:rael-gc/rvm
pip3 install rdpy==1.3.2
timedatectl set-timezone Asia/Kolkata
apt install -y golang-go

cd ~/tools
git clone https://github.com/jordanpotti/CloudScraper.git && echo -e "\n${LIGHT_YELLOW}Installing CloudScraper's requirements.txt ${NORMAL}\n"
pip3 install -r CloudScraper/requirements.txt

echo -e "\n${LIGHT_YELLOW}Installing SubFinder${NORMAL}\n"
GO111MODULE=on go get -v -u github.com/projectdiscovery/subfinder/v2/cmd/subfinder

cd ~/tools
git clone https://github.com/blechschmidt/massdns.git && echo -e "\n${LIGHT_YELLOW}Making and copying massdns to /usr/bin/ ${NORMAL}\n"
cd massdns
make
if [ $? -eq 0 ]; then
	mv /root/tools/massdns/bin/massdns /usr/bin/ && cd - # go back to main directory
	mkdir /root/tools/massdns_lists
	mv /root/tools/massdns/lists/* /root/tools/massdns_lists/
	rm -rf massdns
	echo -e "\n${LIGHT_YELLOW}Installed massdns ${NORMAL}\n"
else
	echo -e "\n${LIGHT_YELLOW}Try reinstalling massdns manually ${NORMAL}\n"
	echo -e "\n${LIGHT_YELLOW}RUN : git clone https://github.com/blechschmidt/massdns.git ${NORMAL}\n"
	echo -e "\n${LIGHT_YELLOW}And then cd into the directory and issue make command ${NORMAL}\n"
fi

echo -e "\n${LIGHT_YELLOW}Proceeding with installation of masscan ${NORMAL}\n"
git clone https://github.com/robertdavidgraham/masscan.git && echo -e "\n${LIGHT_YELLOW}Making masscan ${NORMAL}\n"
cd masscan
make -j
if [ $? -eq 0 ]; then
	mv ./bin/masscan /usr/bin/ && cd - # go back to main directory
	rm -rf masscan && echo -e "\n${LIGHT_YELLOW}Deleted masscan github local clone ${NORMAL}\n"
	echo -e "\n${LIGHT_YELLOW}Installed masscan ${NORMAL}\n"
else
	echo -e "\n${LIGHT_YELLOW}Try reinstalling masscan manually ${NORMAL}\n"
	echo -e "\n${LIGHT_YELLOW}RUN : git clone https://github.com/robertdavidgraham/masscan.git ${NORMAL}\n"
	echo -e "\n${LIGHT_YELLOW}And then cd into the directory and issue make command ${NORMAL}\n"
fi

echo -e "\n${LIGHT_YELLOW}Installing of ffuf${NORMAL}\n"
go get -v -u github.com/ffuf/ffuf

echo -e "\n${LIGHT_YELLOW}Installing subjack${NORMAL}\n"
go get -v -u github.com/haccer/subjack


go get -v -u github.com/tomnomnom/waybackurls && echo -e "\n${LIGHT_YELLOW}Got waybackurls ;) ${NORMAL}\n"
mv ~/go/bin/waybackurls /usr/bin/
if [ $? -eq 0 ]; then
	echo -e "\n${LIGHT_YELLOW}Installed waybackurls ${NORMAL}\n"
else
	echo -e "\n${LIGHT_YELLOW}Try reinstalling waybackurls manually ${NORMAL}\n"
	echo -e "\n${LIGHT_YELLOW}RUN : go get github.com/tomnomnom/waybackurls && echo \"Got waybackurls ;)\" ${NORMAL}\n"
	echo -e "\n${LIGHT_YELLOW}Then move the binary from ~/go/bin/ to /usr/bin/ ${NORMAL}\n"
fi

git clone https://github.com/x90skysn3k/brutespray.git && echo -e "\n${LIGHT_YELLOW}Cloned Brutespray ${NORMAL}\n"

apt install amass -y
if [ $? -eq 0 ]; then
	echo -e "\n${LIGHT_YELLOW}Installed amass ${NORMAL}\n"
	rm amass.zip
else
	echo -e "\n${LIGHT_YELLOW}Try redownloading amass ${NORMAL}\n"
fi

apt-get install -yq bc locate dnsutils apache2

cd ~/tools & echo -e "\n${LIGHT_YELLOW}Cloning JS-scan ${NORMAL}\n"
git clone https://github.com/zseano/JS-Scan.git
chmod o+x JS-Scan
ln -s "/root/tools/JS-Scan" /var/www/html/JS-Scan

cd ~/tools && echo -e "\n${LIGHT_YELLOW}Cloning bucketkicker ${NORMAL}\n"
git clone https://github.com/craighays/bucketkicker.git
pip3 install -r ~/tools/bucketkicker/requirements.txt

echo -e "\n${LIGHT_YELLOW}Installing trufflehog ${NORMAL}\n"
pip3 install truffleHog

echo -e "\n${LIGHT_YELLOW}Installing wafw00f ${NORMAL}\n"
pip3 install wafw00f

echo -e "\n${LIGHT_YELLOW}Installing whatweb ${NORMAL}\n"
apt-get install -yq whatweb

echo -e "\n${LIGHT_YELLOW}Installing snallygaster ${NORMAL}\n"
pip3 install snallygaster

cd ~/tools && echo -e "\n${LIGHT_YELLOW}Cloning CloudFlare-Enum ${NORMAL}\n"
git clone https://github.com/mandatoryprogrammer/cloudflare_enum.git

cd ~/tools && echo -e "\n${LIGHT_YELLOW}Cloning AWS-Bruteforcer ${NORMAL}\n"
git clone https://github.com/Ucnt/aws-s3-data-finder.git
cd aws-s3-data-finder && pip3 install -r requirements.txt
cd ~/tools

# Although cloning Goohak and GoogD0rker but need to make a workaround for google's IP restriction on advanced search
# Cause these are not working for me
echo -e "\n${LIGHT_YELLOW}For Goohak and GoogD0rker pip3 install google ${NORMAL}\n"
pip3 install google

cd ~/tools && echo -e "\n${LIGHT_YELLOW}Cloning Goohak ${NORMAL}\n"
git clone https://github.com/1N3/Goohak.git
chmod +x Goohak/goohak 

cd ~/tools && echo -e "\n${LIGHT_YELLOW}Cloning GoogD0rker${NORMAL}\n"
# Do not use currently it's a WIP
git clone https://github.com/ZephrFish/GoogD0rker.git

cd ~/tools && echo -e "\n${LIGHT_YELLOW}Installing brakeman : For RoR applications ${NORMAL}\n"
# Alternative : gem install brakeman 
# Using git method so as to install the latest brakeman
git clone https://github.com/presidentbeef/brakeman.git
cd brakeman
gem build brakeman.gemspec
yes | gem install brakeman-*.gem
mv ~/tools/brakeman/bin/brakeman /usr/local/bin/
mv ~/tools/brakeman/bin/codeclimate-brakeman /usr/local/bin/
rm -rf ~/tools/brakeman

cd ~/tools && echo -e "\n${LIGHT_YELLOW}Installing gitleaks${NORMAL}\n"
go get -v -u github.com/zricethezav/gitleaks


cd ~/tools && echo -e "\n${LIGHT_YELLOW}Downloading aquatone binary${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}Check the latest binaries at : https://github.com/michenriksen/aquatone/releases${NORMAL}\n"
curl -s https://api.github.com/repos/michenriksen/aquatone/releases/latest | grep "browser_download_url.*linux_amd" | cut -d : -f 3- | tr -d \" | wget -qi -
unzip aquatone_linux_amd64*.zip
rm aquatone_linux_amd64*.zip


cd ~/tools && echo -e "\n${LIGHT_YELLOW}Installing chromium for aquatone${NORMAL}\n"
apt-get install -y chromium

cd ~/tools && echo -e "\n${LIGHT_YELLOW}Getting all wordlists from gdrive, wordlists contain jhaddix's all.txt and massdns as well as subrute's names.txt  ${NORMAL}\n"
mkdir wordlists
wget "https://drive.google.com/uc?export=download&id=1X1TTZhxfiLyqrI1Vrw0_DdhFfl3LzsbX" -O all_resolvers.zip
unzip -o all_resolvers.zip -d wordlists
rm all_resolvers.zip

cd ~/tools && echo -e "\n${LIGHT_YELLOW}Downloading dirbuster wordlists ${NORMAL}\n"
wget "https://drive.google.com/uc?export=download&id=1KbxiE_RFZCDpBDKAJbWeG6NXe7YNtCIc" -O all_wordlists.zip
unzip -o all_wordlists.zip -d wordlists
rm all_wordlists.zip

# Finally when all is set and folder's deleted
# Get the scripts, it's in a gist
echo -e "\n${LIGHT_YELLOW}Getting the scripts ;\) ${NORMAL}\n"
wget "https://codeload.github.com/gist/8182f825bd91344ce4c2bf5e2acdf2b3/zip/9bd795e4824794d0a61f8805d48572b833b10353" -O scripts.zip
unzip -j scripts.zip -d scripts
chmod +x ~/tools/scripts/*
rm scripts.zip 

cd ~/tools
wget -O master_script.sh "https://gist.github.com/LuD1161/0a85aef8e27e4a7644fd4b69efb62caa/raw"
chmod +x master_script.sh
wget -O nmap-input-file-creator.py "https://gist.github.com/LuD1161/dbc44c6c028de2f0cbae9e737af5aa1e/raw"
chmod +x nmap-input-file-creator.py
apt autoremove -y

echo -e "\n${LIGHT_YELLOW}Building nmap from git ${NORMAL}\n"
cd ~/tools
git clone https://github.com/nmap/nmap.git
cd nmap && sh ./configure
make
make install

echo -e "\n${LIGHT_YELLOW}Installing wpscan requirements ${NORMAL}\n"
apt-get -yq install libcurl4-openssl-dev libxml2 libxml2-dev libxslt1-dev ruby-dev libgmp-dev zlib1g-dev gcc git ruby make software-properties-common
apt-add-repository -y ppa:rael-gc/rvm
apt-get -yq update
apt-get -yq install rvm
cd ~
source /etc/profile.d/rvm.sh
rvm install 2.5.1
rvm use 2.5.1 --default
echo -e "gem: --no-ri --no-rdoc" > ~/.gemrc
#echo -e "source /usr/local/rvm/scripts/rvm" >> ~/.bashrc
cd ~/tools
echo -e "${LIGHT_YELLOW}Cloning wpscan ${NORMAL}"
git clone https://github.com/wpscanteam/wpscan.git
cd wpscan
yes | gem install bundler
bundle install --without test


echo -e "${LIGHT_YELLOW}Setting ulimit to 100000 ${LIGHT_GREEN}( so as to make ffuf work fine with higher number of threads ) ${NORMAL}"
echo "ulimit -n 100000" >> ~/.bashrc

### Install searchsploit ####
echo -e "\n${LIGHT_YELLOW}Installing searchsploit${NORMAL}\n"
mkdir /opt
git clone https://github.com/offensive-security/exploitdb.git /opt/exploitdb
sed 's|path_array+=(.*)|path_array+=("/opt/exploitdb")|g' /opt/exploitdb/.searchsploit_rc > ~/.searchsploit_rc
ln -sf /opt/exploitdb/searchsploit /usr/local/bin/searchsploit

### Downloading SecLists ####
echo -e "\n${LIGHT_YELLOW}Downloading SecLists${NORMAL}\n"
cd ~/tools
git clone https://github.com/danielmiessler/SecLists.git

InstallationCompletionTime=$(date +%s)
echo -e "\n${LIGHT_YELLOW}Setting up GOPATH and GO bin in path ${NORMAL}\n"
echo "export GOPATH=$HOME/go" >> $HOME/.profile
echo "PATH=$PATH:/root/tools:$GOPATH/bin" >> $HOME/.profile
source $HOME/.profile
source $HOME/.bashrc
echo -e "${LIGHT_GREEN}Setup Complete Bug Bounty tools :) :) ${NORMAL}\n"
echo -e "${BOLD}Usage : ./master_script.sh domain basic|advanced${NORMAL}\n"
echo -e "Total Time taken : ${LIGHT_GREEN}$(( $InstallationCompletionTime-$InstallationStartTime )) ${NORMAL}seconds"
echo -e "\n${LIGHT_YELLOW}e.g. ./master_script.sh example.com basic|advanced ${NORMAL}\n"
echo -e "\n"
echo -e "${RED}Don't forget to add subfinder's config.json at ~/.config/subfinder/config.json${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}Also check for aquatone's latest binaries at : https://github.com/michenriksen/aquatone/releases${NORMAL}\n"
echo -e "\n${LIGHT_YELLOW}Enjoy :)  ${NORMAL}\n"

In regards to your comment above: https://gist.github.com/LuD1161/66f30da6d8b6c1c05b9f6708525ea885#file-setup_bbty-sh-L6

This should help: https://stackoverflow.com/a/37997658

Woah ! Thanks mate, I didn't ever think someone would really care to look at that.

…

On Fri, 13 Dec, 2019, 10:23 pm tooth_N_tail, ***@***.***> wrote: In regards to your comment above: https://gist.github.com/LuD1161/66f30da6d8b6c1c05b9f6708525ea885#file-setup_bbty-sh-L6 This should help: https://stackoverflow.com/a/37997658 — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <https://gist.github.com/66f30da6d8b6c1c05b9f6708525ea885?email_source=notifications&email_token=AEIITPSPVA66VIP5DOHDI2DQYO42LA5CNFSM4J2QIOHKYY3PNVWWK3TUL52HS4DFVNDWS43UINXW23LFNZ2KUY3PNVWWK3TUL5UWJTQAF53VQ#gistcomment-3110744>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AEIITPS2XIQJS2M4KEEWXKTQYO42LANCNFSM4J2QIOHA> .

nice script

This is awesome

hey can you update it with new tools and new go upgradation and go language? if it is possible

Hey @Jaypanchal2233
Sure. working on the Recon methodology from TESS. will have a script and video soon 😃

Thanks @ManasHarsh , @n4vn337 🙌 😄