jenishs524/Automated-Bug-Bounty-Recon-Pipeline
GitHub: jenishs524/Automated-Bug-Bounty-Recon-Pipeline
自动化 Bug Bounty 侦察流水线,整合子域名枚举、存活探测与站点截图并输出可视化 HTML 报告。
Stars: 0 | Forks: 0
📁 自动化 Bug Bounty 侦察 Pipeline
描述
自动化侦察工作流程:子域名枚举(Subfinder + crt.sh + DNS 暴力破解)、使用 httpx 探测存活 endpoint,以及对在线网站进行截图。生成包含嵌入截图的 HTML 报告。
导航至项目文件夹。
创建虚拟环境(推荐):
bash
python3 -m venv venv
source venv/bin/activate # 在 Windows 上:venv\Scripts\activate
```
Install dependencies – each project has its own requirements.txt or lists the required packages.
Run the main script as described in the project’s section.
Note: Some projects require system tools (e.g., nmap, subfinder, httpx, zeek). Installation instructions are provided per project.
```
核心技术
```
Subfinder, httpx, Selenium (Chrome headless), jinja2
```
功能
```
Passive subdomain enumeration
DNS brute‑force (common prefixes)
httpx for status code, title, technology detection
Screenshots using Selenium
Rich HTML report
```
安装与设置
bash
# 安装系统工具(Kali/Debian)
sudo apt install subfinder httpx chromium-chromedriver
# Python 依赖
pip install selenium jinja2 requests
用法
bash
python recon_pipeline.py example.com
输出
```
recon_report.html – visual report with screenshots and tech badges.
```
标签:运行时操纵, 逆向工具