Updated the script with ffuf

chvancooten · Oct 19, 2023 · 953456c · 953456c
1 parent 41f07a0
commit 953456c
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 29 deletions.
diff --git a/.env b/.env
@@ -0,0 +1,3 @@
+toolsDir='/opt'
+telegram_api_key='XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx'
+telegram_chat_id='XXXXXXXX'
diff --git a/BugBountyScanner.sh b/BugBountyScanner.sh
@@ -239,44 +239,46 @@ do
                 critIssues="$(grep -c 'critical' < "nuclei-$DOMAIN.txt")"
                 if [ "$critIssues" -gt 0 ]
                 then
-                    notify "Nuclei completed. Found *$(wc -l < "nuclei-$DOMAIN.txt")* (potential) issues, of which *$critIssues* are critical, and *$highIssues* are high severity. Finding temporary files with GoBuster..."
+                    notify "Nuclei completed. Found *$(wc -l < "nuclei-$DOMAIN.txt")* (potential) issues, of which *$critIssues* are critical, and *$highIssues* are high severity. Finding temporary files with ffuf.."
                 elif [ "$highIssues" -gt 0 ]
                 then
-                    notify "Nuclei completed. Found *$(wc -l < "nuclei-$DOMAIN.txt")* (potential) issues, of which *$highIssues* are high severity. Finding temporary files with GoBuster..."
+                    notify "Nuclei completed. Found *$(wc -l < "nuclei-$DOMAIN.txt")* (potential) issues, of which *$highIssues* are high severity. Finding temporary files with ffuf..."
                 else
-                    notify "Nuclei completed. Found *$(wc -l < "nuclei-$DOMAIN.txt")* (potential) issues, of which none are critical or high severity. Finding temporary files with GoBuster..."
+                    notify "Nuclei completed. Found *$(wc -l < "nuclei-$DOMAIN.txt")* (potential) issues, of which none are critical or high severity. Finding temporary files with ffuf..."
                 fi
             else
-                notify "Nuclei completed. No issues found. Finding temporary files with GoBuster..."
+                notify "Nuclei completed. No issues found. Finding temporary files with ffuf..."
             fi
         else
             echo "[-] SKIPPING NUCLEI"
         fi
 
-        if [ ! -d "gobuster" ] || [ "$overwrite" = true ]
+        if [ ! -d "ffuf" ] || [ "$overwrite" = true ]
         then
-            echo "[*] RUNNING GOBUSTER..."
-            mkdir gobuster
-            cd gobuster || { echo "Something went wrong"; exit 1; }
+                echo "[*] RUNNING FFUF..."
+		mkdir ffuf
+		cd ffuf || { echo "Something went wrong"; exit 1; }
+
+		while read -r dname;
+		do
+    			filename=$(echo "${dname##*/}" | sed 's/:/./g')
+    			ffuf -w "$toolsDir/wordlists/tempfiles.txt" -u "$dname" -maxtime 3 -o "ffuf-$filename.txt"
+		done < "../livedomains-$DOMAIN.txt"
+
+		find . -size 0 -delete
+
+		if [ "$(ls -A .)" ]; then
+    			notify "FFUF completed. Got *$(cat ./* | wc -l)* files. Spidering paths with GoSpider..."
+    			cd .. || { echo "Something went wrong"; exit 1; }
+		else
+    			notify "FFUF completed. No temporary files identified. Spidering paths with GoSpider..."
+    			cd .. || { echo "Something went wrong"; exit 1; }
+    			rm -rf ffuf
+		fi
 
-            while read -r dname;
-            do
-                filename=$(echo "${dname##*/}" | sed 's/:/./g')
-                gobuster -q -e -t 20 -s 200,204 -k -to 3s -u "$dname" -w "$toolsDir"/wordlists/tempfiles.txt -o "gobuster-$filename.txt"
-            done < "../livedomains-$DOMAIN.txt"
-
-            find . -size 0 -delete
-
-            if [ "$(ls -A .)" ]; then
-                notify "GoBuster completed. Got *$(cat ./* | wc -l)* files. Spidering paths with GoSpider..."
-                cd .. || { echo "Something went wrong"; exit 1; }
-            else
-                notify "GoBuster completed. No temporary files identified. Spidering paths with GoSpider..."
-                cd .. || { echo "Something went wrong"; exit 1; }
-                rm -rf gobuster
             fi   
         else
-            echo "[-] SKIPPING GOBUSTER"
+            echo "[-] SKIPPING ffuf"
         fi
 
         if [ ! -f "paths-$DOMAIN.txt" ] || [ "$overwrite" = true ]
@@ -375,7 +377,7 @@ do
         else
             echo "[-] SKIPPING NMAP"
         fi
-    fi
+
 
     cd ..
     echo "[+] DONE SCANNING $DOMAIN."
@@ -384,4 +386,4 @@ do
 done
 
 echo "[+] DONE! :D"
-notify "Recon finished! Go hack em!"
+notify "Recon finished! Go hack em!"
diff --git a/README.md b/README.md
@@ -123,7 +123,7 @@ example:
 - `Go`
 - `gau`
 - `Gf` (with `Gf-Patterns`)
-- `GoBuster`
+- `ffuf`
 - `gospider`
 - `httpx`
 - `nmap`

diff --git a/setup.sh b/setup.sh
@@ -86,7 +86,7 @@ go install github.com/tomnomnom/gf@latest &>/dev/null
 go install github.com/jaeles-project/gospider@latest &>/dev/null
 go install github.com/tomnomnom/qsreplace@latest &>/dev/null
 go install github.com/haccer/subjack@latest &>/dev/null
-go install github.com/OJ/gobuster@latest &>/dev/null
+go install github.com/OJ/ffuf@latest &>/dev/null
 go install github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest &>/dev/null
 
 # Nuclei-templates
@@ -109,7 +109,7 @@ mkdir "$toolsDir/subjack"
 wget -q https://raw.githubusercontent.com/haccer/subjack/master/fingerprints.json -O $toolsDir/subjack/fingerprints.json
 
 # GoBuster temporary files wordlist
-echo "[*] Installing GoBuster wordlist..."
+echo "[*] Installing ffuf wordlist..."
 mkdir "$toolsDir/wordlists"
 wget -q https://raw.githubusercontent.com/Bo0oM/fuzz.txt/master/fuzz.txt -O $toolsDir/wordlists/tempfiles.txt
-Original file line number
+Diff line change
@@ Expand Up / @@ -123,7 +123,7 @@ example: @@
     - `Go`
     - `gau`
     - `Gf` (with `Gf-Patterns`)
-    - `GoBuster`
+    - `ffuf`
     - `gospider`
     - `httpx`
     - `nmap`
@@ Expand Down @@