Vigilant Script - 19/04/2025

An example of an AIO Tool Setup to aid you in your Bug Bounty journey!

Vigilant Script Installation and Usage Guide

Installation

1. In Kali Linux, create a folder called vigilant and insert the following files:

   • logo.txt

   • vigilant.rb

2. Create a folder inside vigilant called scripts and insert the following files:

   • functions.rb

   • gitdorks.sh

3. Install required dependencies:

bashsudo apt install gccgo-go (golang)
sudo gem install colorize
sudo apt install lolcat
sudo gem install lolcat
sudo go install -v github.com/tomnomnom/anew@latest
sudo cp /root/go/bin/anew /usr/local/bin
sudo go install github.com/tomnomnom/qsreplace@latest
sudo cp /root/go/bin/qsreplace /usr/local/bin
sudo go install -v github.com/tomnomnom/gf@latest
sudo cp /root/go/bin/gf /usr/local/bin
sudo go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest
sudo cp /root/go/bin/httpx /usr/local/bin
sudo go install github.com/tomnomnom/httprobe@latest
sudo cp /root/go/bin/httprobe /usr/local/bin
sudo go install -v github.com/ryandamour/ssrfuzz@latest
sudo cp /root/go/bin/ssrfuzz /usr/local/bin
sudo GO111MODULE=on go install github.com/jaeles-project/gospider@latest
sudo cp /root/go/bin/gospider /usr/local/bin
sudo go install github.com/tomnomnom/waybackurls@latest
sudo cp /root/go/bin/waybackurls /usr/local/bin
sudo go install -v github.com/sa7mon/s3scanner@latest
sudo cp /root/go/bin/s3scanner /usr/local/bin
sudo go install github.com/hahwul/dalfox/v2@latest
sudo cp /root/go/bin/dalfox /usr/local/bin
sudo go install github.com/tomnomnom/gf@latest
sudo cp /root/go/bin/gf /usr/local/bin
sudo go install https://github.com/lobuhi/byp4xx@latest
sudo cp /root/go/bin/byp4xx /usr/local/bin
mkdir Desktop/recon
cd Desktop/recon
git clone https://github.com/danielmiessler/SecLists
git clone https://github.com/koaj/aws-s3-bucket-wordlist
git clone https://github.com/hisxo/gitGraber
wget https://raw.githubusercontent.com/m4ll0k/BBTz/master/getsrc.py
wget https://raw.githubusercontent.com/m4ll0k/BBTz/master/collector.py
wget https://raw.githubusercontent.com/m4ll0k/BBTz/master/getjswords.py
wget https://raw.githubusercontent.com/m4ll0k/BBTz/master/antiburl.py
wget https://raw.githubusercontent.com/m4ll0k/BBTz/master/jsbeautify.py
wget https://raw.githubusercontent.com/m4ll0k/BBTz/master/availableForPurchase.py
git clone https://github.com/zigoo0/webpwn3r
git clone https://github.com/OWASP/joomscan
git clone https://github.com/ztgrace/changeme
git clone https://github.com/auth0/repo-supervisor
git clone https://github.com/maurosoria/dirsearch
git clone https://github.com/hisxo/gitGraber
git clone https://github.com/GerbenJavado/LinkFinder
git clone https://github.com/tillson/git-hound
git clone https://github.com/kost/dvcs-ripper
git clone https://github.com/infosec-au/altdns
git clone https://github.com/haccer/subjack
git clone https://github.com/mazen160/struts-pwn
git clone https://github.com/FishermansEnemy/bucket_finder && cd bucket_finder && chmod +x bucket_finder.rb
git clone https://github.com/projectdiscovery/nuclei-templates
git clone https://github.com/projectdiscovery/notify && cd notify && make && sudo cp notify /usr/local/bin
git clone https://github.com/chenjj/CORScanner && cd CORScanner && sudo pip install -r requirements.txt
git clone https://github.com/mazen160/bfac && cd bfac && sudo python setup.py install

Install Aquatone on Kali Linux following: https://medium.com/@sherlock297/install-aquatone-on-kali-linux-dd2a6850fd32

Install GF patterns via https://github.com/1ndianl33t/Gf-Patterns

1. Install additional scripts and tools to run Vigilant smoothly:

bashsudo apt install npm
npm install broken-link-checker -g
npm install -g retire
sudo pip3 install arjun
sudo pip3 install mysql-connector-python
sudo pip3 install requests-toolbelt
sudo pip install grequests
sudo pip install requests_futures
sudo pip install iptools
sudo pip install python-crontab
sudo pip install jsbeautifier
sudo pip install Cerberus
sudo pip install python-libnmap
sudo pip install pymongo
sudo pip install selenium
sudo pip install logutils
sudo apt install subfinder
sudo apt install gobuster
sudo apt install subjack
sudo apt install nuclei
curl -sSfL https://git.io/crlfuzz | sudo sh -s -- -b /usr/local/bin
sudo gem install pwhois - https://github.com/Crosse/pwhois
sudo sudo apt install asn - https://github.com/nitefood/asn
sudo apt install finalrecon - https://github.com/thewhiteh4t/FinalRecon

1. Run $ chmod +x vigilant.rb

2. Run $ ./vigilant.rb -h and explore features!

Features and Capabilities

This script was created to facilitate the following processes:

1. Recon on targets

2. Wordlists managements

3. Subdomain enumeration

4. Web vulnerability scans:

   • CORS

   • CRLF

   • Visualization: Web screenshot using Selenium/Aquatone

   • SSRF

   • XSS

   • WAF

   • Wapiti: Wapiti automated scanner

   • HTTP scanner

5. Web exploits:

   • Shocker: Exploit servers vulnerable to Shellshock

   • Yasuo: Find vulnerable web applications

   • Apache Struts

   • Changeme: Default credential scanner

   • CMSmap: CMS scanner

   • WPScan: Wordpress vulnerability scanner

   • Joom: Joom vulnerability scanner

   • Zigoo: Exploit URL parameters

6. URL parameter discovery

7. Content discovery:

   • AWS S3 buckets

   • Directory fuzzing

   • Github secrets

   • Javascript research

   • SWF research

8. Endpoint exploits

Usage

Basic Usage:

text./vigilant.rb -c Google -d google.com [PARAMS]

Extensive Usage:

text./vigilant.rb -c Google -d google.com -all [PARAMS]

Additional parameters are optional, but are recommended to execute and understand Vigilant processes:

• -c set your target's name - Vigilant saves entire target's data inside a project folder

• -d is the domain/subdomain that you want to target

• -t threads you want to use - more threads, faster process

• -all execute processes in all domains available

This script and all updates are only shared here. It's 100% written by the original author.