# Bug Hunter TUI
A comprehensive bug bounty hunting tool with a Text User Interface (TUI) built with Python and Textual.
## Features
- **Subdomain Enumeration**: Discover subdomains using DNS queries
- **Port Scanning**: Identify open ports and running services
- **Directory Bruteforcing**: Find hidden directories and files on web servers
- **URL Parameter Fuzzing**: Test URL parameters for vulnerabilities
## Installation
1. Install dependencies:
```bash
pip install -r requirements.txt
```
2. Setup the environment:
```bash
python bughunter.py --setup
```
## Usage
### Launch the TUI
```bash
python bughunter.py
```
### Interface
The TUI is divided into 4 panels, one for each scanner:
- **Subdomain Scanner**: Enter a domain (e.g., `example.com`)
- **Port Scanner**: Enter an IP or domain (e.g., `192.168.1.1` or `example.com`)
- **Directory Bruteforce**: Enter a URL (e.g., `http://example.com`)
- **URL Fuzzer**: Enter a URL with parameters (e.g., `http://example.com/page?id=1`)
### Keyboard Shortcuts
- `q` - Quit the application
- `c` - Clear all logs
### Scanner Controls
Each scanner panel has three buttons:
- **Start Scan** - Begin scanning the target
- **Stop** - Stop the current scan
- **Clear** - Clear the log output
## Configuration
Configuration is stored in `~/.bughunter/config.json`. You can customize:
- Timeout values
- Concurrent request limits
- Default wordlists
- File extensions for directory bruteforcing
## Wordlists
Custom wordlists can be placed in `~/.bughunter/wordlists/`:
- `subdomains.txt` - Subdomain wordlist
- `directories.txt` - Directory/file wordlist
## Security Notice
This tool is intended for authorized security testing only. Always ensure you have permission before scanning any target. Unauthorized scanning may be illegal.
## Requirements
- Python 3.8+
- textual
- httpx
- dnspython
- rich
## License
MIT License
## Disclaimer
Use this tool responsibly and only on systems you have permission to test. The authors are not responsible for misuse of this tool.
