Skip to content
A multi-platform bug bounty toolkit that can be installed on Debian/Ubuntu or setup with Docker.
Shell Dockerfile
Branch: master
Clone or download
Type Name Latest commit message Commit time
Failed to load latest commit information.
.travis.yml Adding travis.yml for CI/CD pipeline Dec 18, 2019
Dockerfile Include Docke Dec 28, 2019 Added CommonSpeak Jan 6, 2020
_config.yml Set theme jekyll-theme-slate Dec 11, 2019 Include installation of subfinder in Dec 28, 2019 Refixing joomscan bootloader to pass args Dec 20, 2019

Bug Bounty Toolkit

A multiplatform bug bounty toolkit that can be installed on Debian/Ubuntu or setup with Docker.

Why should you use this toolkit?

  • This toolkit offers a multiplatform base to work with as the script can be installed on Linux, setup with Docker or installed on Windows with WSL (Windows Subsystem For Linux).
  • The installer script can be customized to add or remove specific tools based on your requirements.
  • Tools are constantly being added, updated and fixed.

Installation Instructions - Ubuntu/Debian

git clone
cd BugBountyToolkit
chmod +x

Docker Pull & Run Instructions

Docker Hub Link:

docker pull hackersploit/bugbountytoolkit
docker run -it hackersploit/bugbountytoolkit /bin/bash


Docker Build Instructions

docker build . -t hackersploit/bugbountytoolkit

Installed Tools

  • altdns
  • bucket_finder
  • CloudFlair
  • commix
  • dirb
  • dirsearch
  • dnsenum
  • dnsrecon
  • gobuster
  • joomscan
  • Knockpy
  • masscan
  • massdns
  • Nikto
  • Nmap
  • Recon-ng
  • s3recon
  • sqlmap
  • subfinder
  • Sublist3r
  • teh_s3_bucketeers
  • thc-hydra
  • theHarvester
  • virtual-host-discovery
  • wafw00f
  • wfuzz
  • wpscan
  • XSStrike


  • SecLists
  • CommonSpeak (Being Added)

Tools beging added

  • aquatone
  • dotdotpwn
  • AWSBucketDump
  • Sn1per
  • amass


You can’t perform that action at this time.