FireMe is a bugbounty automation script for recon purpose and data collection.
( *
)\ ) ( \`
(()/( ( ( ( )\))( (
/(_)))\ )( ))\ ((_)()\ ))\
(_))_((_|()\ /((_) (_()((_)/((_)
| |_ (_)((_|_)) | \/ (_))
| __| | | '_/ -_) | |\/| / -_)
|_| |_|_| \___| |_| |_\___|
Usage: ./fireme.sh [REQUIRED] [OPTIONS]
[REQUIRED]
-z ZIP Zip file containing subdomains
[OPTIONS]
-h Print this help message
FireMe is a script for bugbounty recon phase data collection and information gathering for multiple targets and subdomains. This tool help you getting started into bugbounty sinse i used it to do so.
PS: This tools is not advised for targets that have move than 1K subdomains. It can take alot of time.
- Scan for live domains.
- Gets all the links and generate intresing ones.
- Generates wordlists based on the result of the links.
- Checks for probably vulnerable inputs.
- Checks for subdomains takeover.
- Uses massdns for dumping IPs.
- nmap live domains.
Use this tool in combination with projectdiscovery chaos tool to gain sometime and skip the subdomains enumeration which can take a really long time for big targets.
| Tool | Author | Repository |
|---|---|---|
| Httprobe | Tomnomnom | https://github.com/tomnomnom/httprobe |
| waybackurls | Tomnomnom | https://github.com/tomnomnom/waybackurls |
| gau | Corben Leo | https://github.com/lc/gau |
| unfurl | Tomnomnom | https://github.com/tomnomnom/unfurl |
| gf | Tomnomnom | https://github.com/tomnomnom/gf |
| nmap | Nmap | |
| subjack | Cody Zacharias | https://github.com/haccer/subjack |
| takeover.py | m4ll0k | https://github.com/m4ll0k/takeover |
| SubOver | Ice3man543 | https://github.com/Ice3man543/SubOver |
| massdns | blechschmidt | https://github.com/blechschmidt/massdns |
Requires GO to be installed and specified in the PATH
$ git clone https://github.com/soufian2017/FireMe
$ cd FireMe
$ chmod u+x install.sh
$ ./install.sh
**Active scanning:**
- Gobuster
- aquatone
- get HTML