Projects STRLCPY BountyIt Files
🤬
static Loading last commit info...
README.md
bountyit.go
run.PNG
README.md



What is BountyIt ?

A fuzzer made in golang for finding issues like xss, lfi, rce, ssti...comes with pre-defind signarutres and signatures wordlist that's it!

Help

 -grep string
        Specify custom grepping singantures. Ex -grep singantures.txt
  -method string
        Add method name if required. Ex: -method PUT. Default "GET" (default "GET")
  -p string
        Feed the list of payloads to fuzz. Ex: -p ~/wordlists/lfi.txt
  -t int
        Number of workers to use..default 40. Ex: -t 50 (default 40)
  -verify
        Only prints confirmed results. Ex -verify

How to Install

$ go get -u -v github.com/shivangx01b/BountyIt

Usage

  • Note: Urls must have keyword "FUZZ" like
https://example.com/FUZZ 
       or 
https://example.com/?query=FUZZ

Single Url

echo "https://example.com/FUZZ" | BountyIt

Multiple Url

cat http_https.txt | BountyIt -t 70 -p payloads.txt -verify

Add another method if required

cat http_https.txt | BountyIt -t 70  -method "POST" -p payloads.txt -grep signatures.txt

Screenshot

1414

Note:

  • Scanner stores the error results as "error_requests.txt"... which contains urls which cannot be requested
Please wait...
Page is in error, reload to recover