85 lines
2.0 KiB
Markdown
85 lines
2.0 KiB
Markdown
# Bug Hunter TUI
|
|
|
|
A comprehensive bug bounty hunting tool with a Text User Interface (TUI) built with Python and Textual.
|
|
|
|
## Features
|
|
|
|
- **Subdomain Enumeration**: Discover subdomains using DNS queries
|
|
- **Port Scanning**: Identify open ports and running services
|
|
- **Directory Bruteforcing**: Find hidden directories and files on web servers
|
|
- **URL Parameter Fuzzing**: Test URL parameters for vulnerabilities
|
|
|
|
## Installation
|
|
|
|
1. Install dependencies:
|
|
```bash
|
|
pip install -r requirements.txt
|
|
```
|
|
|
|
2. Setup the environment:
|
|
```bash
|
|
python bughunter.py --setup
|
|
```
|
|
|
|
## Usage
|
|
|
|
### Launch the TUI
|
|
|
|
```bash
|
|
python bughunter.py
|
|
```
|
|
|
|
### Interface
|
|
|
|
The TUI is divided into 4 panels, one for each scanner:
|
|
- **Subdomain Scanner**: Enter a domain (e.g., `example.com`)
|
|
- **Port Scanner**: Enter an IP or domain (e.g., `192.168.1.1` or `example.com`)
|
|
- **Directory Bruteforce**: Enter a URL (e.g., `http://example.com`)
|
|
- **URL Fuzzer**: Enter a URL with parameters (e.g., `http://example.com/page?id=1`)
|
|
|
|
### Keyboard Shortcuts
|
|
|
|
- `q` - Quit the application
|
|
- `c` - Clear all logs
|
|
|
|
### Scanner Controls
|
|
|
|
Each scanner panel has three buttons:
|
|
- **Start Scan** - Begin scanning the target
|
|
- **Stop** - Stop the current scan
|
|
- **Clear** - Clear the log output
|
|
|
|
## Configuration
|
|
|
|
Configuration is stored in `~/.bughunter/config.json`. You can customize:
|
|
- Timeout values
|
|
- Concurrent request limits
|
|
- Default wordlists
|
|
- File extensions for directory bruteforcing
|
|
|
|
## Wordlists
|
|
|
|
Custom wordlists can be placed in `~/.bughunter/wordlists/`:
|
|
- `subdomains.txt` - Subdomain wordlist
|
|
- `directories.txt` - Directory/file wordlist
|
|
|
|
## Security Notice
|
|
|
|
This tool is intended for authorized security testing only. Always ensure you have permission before scanning any target. Unauthorized scanning may be illegal.
|
|
|
|
## Requirements
|
|
|
|
- Python 3.8+
|
|
- textual
|
|
- httpx
|
|
- dnspython
|
|
- rich
|
|
|
|
## License
|
|
|
|
MIT License
|
|
|
|
## Disclaimer
|
|
|
|
Use this tool responsibly and only on systems you have permission to test. The authors are not responsible for misuse of this tool.
|