
Releases: vVv-Keys/ARBH

v2.0.1

21 Jun 04:25
624b09f

Automated Bug Bounty Scanner

This project is an automated bug bounty scanner designed to detect common web vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Command Injection, and Cross-Site Request Forgery (CSRF). It also includes headless browsing, email alerts, and detailed HTML report generation.

Features

  1. SQL Injection Detection

    • Uses a variety of payloads to test for SQL Injection vulnerabilities.
    • Logs potential vulnerabilities and sends email alerts.
  2. Cross-Site Scripting (XSS) Detection

    • Tests for XSS vulnerabilities using different payloads.
    • Logs potential vulnerabilities and sends email alerts.
  3. Command Injection Detection

    • Detects possible command injection points.
    • Logs potential vulnerabilities and sends email alerts.
  4. Cross-Site Request Forgery (CSRF) Detection

    • Checks for missing CSRF tokens in forms.
    • Logs potential vulnerabilities and sends email alerts.
  5. URL Discovery

    • Discovers URLs and forms on the target site using both requests and headless browsing with Selenium.
  6. Email Alerts

    • Sends email notifications when vulnerabilities are detected.
    • Configurable via environment variables.
  7. HTML Report Generation

    • Generates a comprehensive HTML report summarizing the scan results.
  8. Retry Mechanism

    • Implements retry logic for network requests to handle temporary failures.
  9. Environment Configuration

    • Uses a .env file to manage sensitive information such as email credentials and SMTP server details.
  10. Concurrency and Rate Limiting

    • Utilizes multithreading for concurrent scanning.
    • Supports rate limiting to control the frequency of requests.
  11. Proxy Support

    • Allows routing requests through a proxy server for additional anonymity or bypassing network restrictions.
  12. Bearer and JWT Authentication

    • Supports authentication tokens for scanning authenticated endpoints.
  13. User-Agent Randomization

    • Randomizes User-Agent headers to mimic different browsers and reduce the chance of being blocked.

Requirements

  • Python 3.6+
  • requests library
  • beautifulsoup4 library
  • selenium library
  • retrying library
  • python-dotenv library
  • Chrome WebDriver (for headless browsing)

Installation

  1. Clone the repository:
    git clone https://github.com/yourusername/bug-bounty-scanner.git
    cd bug-bounty-scanner
    

Full Changelog: https://github.com/vVv-Keys/AUTOMATED-RECON-BUG-HUNTING/commits/bountyhunting