djedi/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
dotfiles/scripts/pentesting/bb-workflow
rpriven 5b6af65def
Organize scripts and clean up dotfiles 
Changes:
- Added 80+ scripts with organized structure
  - payloads/ for third-party pentesting tools
  - pentesting/ for custom security scripts
  - Daily drivers remain flat for fast access
- Converted wes() function to proper script
- Removed .sh extensions from pentesting scripts
- Cleaned up aliases (removed 31 redundant lines)
- Added kanata/, build artifacts to gitignore
- Removed old fre.sh scripts and empty a.out
- Updated configs: helix, tmux, zsh, ulauncher, redshift

Security: All sensitive data excluded via gitignore
2025-11-07 14:48:21 -07:00

259 lines
7.1 KiB
Bash
Executable file
Raw Permalink Blame History

#!/usr/bin/env bash
# Bug Bounty Workflow Helper
# Manages the complete workflow from recon to report
set -euo pipefail
PROGRAM="${1:-}"
DOMAIN="${2:-}"
BB_ROOT="${HOME}/bug-bounty"
TEMPLATE_DIR="${HOME}/.claude/context/business/security/bug-bounty"
# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
show_usage() {
cat << EOF
Bug Bounty Workflow Helper
Usage: bb-workflow.sh <command> [args]
Commands:
init <program> <domain> Initialize directory structure for new program
recon <program> Run reconnaissance on program
test <program> <url> <type> Quick vulnerability test helper
screenshot <program> [type] Take annotated screenshot with border
report <program> <vuln-id> Generate PDF report from JSON
status <program> Show program status and findings
Examples:
bb-workflow.sh init acme acme.com
bb-workflow.sh recon acme
bb-workflow.sh test acme http://localhost:3002 xss
bb-workflow.sh screenshot acme vulnerability
bb-workflow.sh report acme acme-xss-001
Directory Structure:
~/bug-bounty/<program>/
├── recon/ # Reconnaissance data
├── screenshots/ # Evidence screenshots
├── discoveries/ # Vulnerability JSON files
└── reports/ # Generated PDF reports
EOF
}
init_program() {
local program="$1"
local domain="$2"
echo -e "${BLUE}[+] Initializing bug bounty program: $program${NC}"
mkdir -p "$BB_ROOT/$program"/{recon,screenshots,discoveries,reports}
# Create program info file
cat > "$BB_ROOT/$program/info.txt" << EOF
Program: $program
Domain: $domain
Started: $(date +%Y-%m-%d)
Platform: [HackerOne/Bugcrowd/Other]
Scope: [Add scope notes]
Rules:
- [Add important rules from program policy]
Notes:
- [Add your notes here]
EOF
# Create .gitignore
cat > "$BB_ROOT/$program/.gitignore" << EOF
# Sensitive bug bounty data
screenshots/
discoveries/*.json
reports/*.pdf
recon/
# Keep directory structure
!discoveries/.gitkeep
!screenshots/.gitkeep
!reports/.gitkeep
!recon/.gitkeep
EOF
touch "$BB_ROOT/$program"/{discoveries,screenshots,reports,recon}/.gitkeep
echo -e "${GREEN}[✓] Program initialized: $BB_ROOT/$program${NC}"
echo -e "${YELLOW}[!] Edit info.txt with program details${NC}"
}
run_recon() {
local program="$1"
local program_dir="$BB_ROOT/$program"
if [[ ! -d "$program_dir" ]]; then
echo -e "${RED}[-] Program directory not found: $program_dir${NC}"
echo -e "${YELLOW}[!] Run: bb-workflow.sh init $program <domain>${NC}"
exit 1
fi
# Get domain from info.txt
local domain=$(grep "^Domain:" "$program_dir/info.txt" | cut -d' ' -f2)
if [[ -z "$domain" ]]; then
echo -e "${RED}[-] Domain not found in info.txt${NC}"
exit 1
fi
echo -e "${BLUE}[+] Running reconnaissance on $domain${NC}"
echo -e "${YELLOW}[!] This will take some time...${NC}"
cd "$program_dir/recon"
# Run your existing recon scripts
if [[ -x "${HOME}/scripts/passive-recon" ]]; then
echo -e "${BLUE}[+] Running passive recon...${NC}"
"${HOME}/scripts/passive-recon" "$domain"
fi
if [[ -x "${HOME}/scripts/light-recon" ]]; then
echo -e "${BLUE}[+] Running light recon...${NC}"
"${HOME}/scripts/light-recon" "$domain"
fi
if [[ -x "${HOME}/scripts/bb-recon" ]]; then
echo -e "${BLUE}[+] Running bug bounty recon (safe mode)...${NC}"
"${HOME}/scripts/bb-recon" "https://$domain"
fi
echo -e "${GREEN}[✓] Reconnaissance complete!${NC}"
echo -e "${YELLOW}[!] Review results in: $program_dir/recon/${NC}"
# Generate manual testing guide
if [[ -x "${HOME}/scripts/bb-report-generator" ]]; then
echo -e "${BLUE}[+] Generating manual testing guide...${NC}"
# Find the most recent bb-recon directory
latest_recon=$(find . -maxdepth 1 -type d -name "bb-recon-*" -printf '%T@ %p\n' | sort -rn | head -1 | cut -d' ' -f2)
if [[ -n "$latest_recon" ]]; then
"${HOME}/scripts/bb-report-generator" "$latest_recon"
echo -e "${GREEN}[✓] Manual testing guide created!${NC}"
echo -e "${CYAN}[*] Read: $latest_recon/manual-testing-guide.md${NC}"
fi
fi
}
quick_test() {
local program="$1"
local url="$2"
local type="$3"
echo -e "${BLUE}[+] Quick vulnerability test: $type${NC}"
"${HOME}/scripts/quick-vuln-test.sh" "$url" "$type"
}
take_screenshot() {
local program="$1"
local type="${2:-evidence}"
if [[ ! -d "$BB_ROOT/$program" ]]; then
echo -e "${RED}[-] Program directory not found: $program${NC}"
exit 1
fi
"${HOME}/scripts/bb-screenshot-annotate.sh" "$program" "$type"
}
generate_report() {
local program="$1"
local vuln_id="$2"
local program_dir="$BB_ROOT/$program"
local json_file="$program_dir/discoveries/${vuln_id}.json"
local pdf_file="$program_dir/reports/${vuln_id}.pdf"
if [[ ! -f "$json_file" ]]; then
echo -e "${RED}[-] JSON file not found: $json_file${NC}"
exit 1
fi
echo -e "${BLUE}[+] Generating PDF report...${NC}"
cd "$TEMPLATE_DIR"
bun run latex/generate.ts "$json_file" "$pdf_file"
if [[ -f "$pdf_file" ]]; then
echo -e "${GREEN}[✓] Report generated: $pdf_file${NC}"
echo -e "${YELLOW}[!] Review before submitting!${NC}"
# Open PDF (if on desktop with xdg-open)
if command -v xdg-open &> /dev/null; then
xdg-open "$pdf_file" &
fi
else
echo -e "${RED}[-] Report generation failed${NC}"
exit 1
fi
}
show_status() {
local program="$1"
local program_dir="$BB_ROOT/$program"
if [[ ! -d "$program_dir" ]]; then
echo -e "${RED}[-] Program not found: $program${NC}"
exit 1
fi
echo -e "${BLUE}=== Bug Bounty Program Status ===${NC}"
echo ""
cat "$program_dir/info.txt"
echo ""
echo -e "${BLUE}=== Findings ===${NC}"
local findings=$(find "$program_dir/discoveries" -name "*.json" -not -name ".gitkeep" | wc -l)
local reports=$(find "$program_dir/reports" -name "*.pdf" | wc -l)
echo "Total findings: $findings"
echo "Generated reports: $reports"
if [[ $findings -gt 0 ]]; then
echo ""
echo "Discoveries:"
ls -1 "$program_dir/discoveries/"*.json 2>/dev/null | xargs -n1 basename || true
fi
}
# Main command router
case "${1:-}" in
init)
[[ -z "${2:-}" ]] || [[ -z "${3:-}" ]] && show_usage && exit 1
init_program "$2" "$3"
;;
recon)
[[ -z "${2:-}" ]] && show_usage && exit 1
run_recon "$2"
;;
test)
[[ -z "${2:-}" ]] || [[ -z "${3:-}" ]] || [[ -z "${4:-}" ]] && show_usage && exit 1
quick_test "$2" "$3" "$4"
;;
screenshot|ss)
[[ -z "${2:-}" ]] && show_usage && exit 1
take_screenshot "$2" "${3:-evidence}"
;;
report)
[[ -z "${2:-}" ]] || [[ -z "${3:-}" ]] && show_usage && exit 1
generate_report "$2" "$3"
;;
status)
[[ -z "${2:-}" ]] && show_usage && exit 1
show_status "$2"
;;
*)
show_usage
exit 1
;;
esac
Reference in a new issue View git blame Copy permalink