zBuster Bash Script for CTF Automating Basic Enumeration
zBuster Bash Script for CTF Automating Basic Enumeration

zBuster: Bash Script for CTF Automating Basic Enumeration

zBuster is an Bash script built to automate the process of portscanning, vhosts finding, services enumeration and a Dirbusting option.

Help menu by zBuster
Help menu by zBuster

Tools

  1. Rustscan
  2. Nmap
  3. Smbclient & Smbmap & crackmapexec
  4. Wpscan
  5. Gobuster
  6. Gospider

Installation

git clone https://github.com/zAbuQasem/zBuster
cd zBuster
chmod +x *
sudo ./install.sh

#Make sure to Download Rustsan From: Releases page.

Then

sudo dpkg -i ~/Downloads/rustscan_2.0.1_amd64.deb

Usage

Important Note

"
"

Make sure to specify a domain name for better scan results.For HackTheBox, specify the domain name in /etc/hosts file

#Example /etc/hosts
127.0.0.1	localhost
127.0.1.1	kali

# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
#HackTheBox
10.10.10.243	spider.htb
10.10.10.240	pivotapi.htb
10.10.11.114    bolt.htb

All integrated checks

sudo ./zBuster.sh -u Foo.htb  -s all

Specific check

sudo ./zBuster.sh -u Foo.htb -s <CHECK>

Dirbusting [Dirbuster-meduim wordlist]

./zBuster.sh -u Foo.htb -p <PORT> -x <FILE-EXTENSIONS [OPTIONAL]> -d <HTTPS OR HTTP>  #Must be in this order or args.

For more options:

./zBuster.sh -h

Known issue

If you faced issues with running the script:

sudo rm -rf result-zbuster

If this didn’t work then check your network connection..

Preview [Took ~7 minutes]

View GIF

"
"