使用xx云打造bugbounty自动化扫描

admin 2022年6月27日04:12:02评论62 views字数 3267阅读10分53秒阅读模式

前言

需要一个centos7服务器, 至少4h+ 4G; 这里使用google云 这里选用的是google云centos7.9,4H,16G;

git安装

sudo yum install git

github相关配置

ssh-keygen -t rsa
而后连敲三次回车
cd .ssh
cat id_rsa.pub //将id_rsa.pub中数据复制到github对应选项框中

$ssh -T [email protected]//得到如下类似即可
The authenticity of host 'github.com (13.114.40.48)' can't be established.ECDSA key fingerprint is SHA256:p2QAMXNIC1TJYWeIOttrVc98/R1BUFWu3/LiyKgUfQM.ECDSA key fingerprint is MD5:7b:99:81:1e:4c:91:a5:0d:5a:2e:2e:80:13:3f:24:ca.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added 'github.com,13.114.40.48' (ECDSA) to the list of known hosts.Hi richard1230! You've successfully authenticated, but GitHub does not provide shell access

py安装同时创建py虚拟环境

//这里直接用如下脚本即可
sudo yum -y groupinstall "Development tools" &&


sudo yum -y install zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel gdbm-devel db4-devel libpcap-devel xz-devel &&


sudo yum install wget &&




wget https://www.python.org/ftp/python/3.9.0/Python-3.9.0.tar.xz &&


sudo mkdir /usr/local/python3 &&
tar -xvJf Python-3.9.0.tar.xz &&


cd Python-3.9.0 &&


./configure --prefix=/usr/local/python3 &&
sudo yum install libffi-devel -y &&


sudo make && sudo make install &&


sudo yum -y install python-pip &&


sudo ln -s /usr/local/python3/bin/python3 /usr/bin/python3 &&


sudo ln -s /usr/local/python3/bin/pip3 /usr/bin/pip3 &&


pip3 install --upgrade pip &&


pip3 install virtualenv &&


pip3 install virtualenvwrapper

===
===
===
which virtualenvwrapper.sh


sudo vi ~/.bashrc


VIRTUALENVWRAPPER_PYTHON=/usr/local/python3/bin/python3 # 指定virtualenvwrapper执行的python版本
export WORKON_HOME=$HOME/.virtualenvs # 指定虚拟环境存放目录,.virtualenvs目录名可自拟
source which virtualenvwrapper.sh所指的路径 # virtualenvwrapper.sh所在目录
~/.local/bin/virtualenvwrapper.sh


source ~/.bashrc


//创建虚拟环境
mkvirtualenv myenv1

docker安装

yum update
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum list docker-ce --showduplicates | sort -r
sudo yum install -y docker-ce
$ sudo systemctl start docker
$ sudo systemctl enable docker
$ docker version

golang安装


sudo yum -y install wget
wget https://storage.googleapis.com/golang/getgo/installer_linux
chmod +x ./installer_linux
./installer_linux
source ~/.bash_profile
golang version

安装subfinder

下面几个工具的安装配置参考: https://dhiyaneshgeek.github.io/bug/bounty/2020/02/06/recon-with-me/


go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest

mkdir -p .config/subfinder/

httpx安装

go install github.com/projectdiscovery/httpx/cmd/httpx@latest

assetfinder,httprobe,anew安装

go install -v github.com/tomnomnom/assetfinder@latest


go install -v github.com/tomnomnom/httprobe@latest

go install -v github.com/tomnomnom/anew@latest

chaospy安装

git clone [email protected]:PhotonBolt/chaospy.git
cd chaospy
sudo pip3 install -r requirements.txt
sudo pip3 install argparse
chmod +x chaospy.py


naabu安装

sudo yum -y install libpcap-devel

go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest

notify安装

go install -v github.com/projectdiscovery/notify/cmd/notify@latest
//配置文件
mkdir $HOME/.config/notify/provider-config.yaml

tel设置

设置一下telegram
telegram:
- id: "tel"
telegram_api_key: "xxxxxxx735:xxxxxxxxxxxxJAF0Nsw6JVCf4a6Z2eqXN93z4Q"
telegram_chat_id: "-zzzzzzzz"
telegram_format: "{{data}}"

api_key的获取和chat_id的获取 https://help.domotz.com/user-guide/how-to-create-a-telegram-webhook/

nuclei安装

https://github.com/projectdiscovery/nuclei

go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest


原文始发于微信公众号(迪哥讲事):使用xx云打造bugbounty自动化扫描

  • 左青龙
  • 微信扫一扫
  • weinxin
  • 右白虎
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2022年6月27日04:12:02
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                   使用xx云打造bugbounty自动化扫描http://cn-sec.com/archives/1145666.html

发表评论

匿名网友 填写信息