A containerized toolkit I built to stop hunting for bug bounty tools and start actually hunting bugs
Tired of spending hours setting up bug bounty environments? BBHTD is a Docker environment with 25+ essential security tools that builds in under 30 minutes and eliminates setup headaches.
# Clone and launch
git clone https://github.com/brunosgio/bbhtd.git
cd bbhtd
# Enable GUI support (Linux/macOS)
sudo xhost +local:docker
# Launch the toolkit
docker compose up -d
# Get a shell
docker compose exec bbhtd bashThat's it! 🎉 You now have 25+ essential security tools ready to use.
# Verify all core tools are working
subfinder -version
nuclei -version
httpx -version
ffuf -V
nmap --version | head -1
amass version# 1. Subdomain discovery
subfinder -d target.com -silent | head -5
echo "target.com" | assetfinder --subs-only
# 2. Check what's alive
echo "https://target.com" | httpx -title -status-code -silent
# 3. Quick vulnerability scan
echo "https://target.com" | nuclei -t ~/nuclei-templates/http/technologies/ -silent
# 4. Directory discovery
ffuf -u https://target.com/FUZZ -w /usr/share/seclists/Discovery/Web-Content/common.txt -fc 404 -t 10 -s
# 5. Network scanning
nmap -T4 -p 80,443 target.com# URL manipulation
echo "https://example.com/test?id=1&name=test" | unfurl domains
echo "https://example.com/test?id=1&name=test" | qsreplace FUZZ
# Deduplication
echo -e "url1\nurl2\nurl1\nurl3" | anew
# Web crawling
echo "target.com" | gau --threads 5 | head -5
echo "target.com" | waybackurls | head -5# Launch Burp Suite
burpsuite &
# Open Firefox
firefox https://target.com &| Category | Tools |
|---|---|
| 🔍 Reconnaissance | subfinder, amass, assetfinder, sublist3r, dnsrecon, dnsx, massdns |
| 🎯 Vulnerability Scanning | nuclei, sqlmap, dalfox |
| 📁 Directory Discovery | ffuf, gobuster, dirsearch |
| 🌐 Network Scanning | nmap, masscan, naabu |
| 🌍 HTTP Tools | httpx, httprobe, gowitness |
| 🔧 Utility Tools | anew, unfurl, qsreplace, gf, seclists |
| 🖥️ GUI Tools | Burp Suite, Firefox |
| 🕷️ Web Crawling | gau, waybackurls, gospider |
| 🔎 OSINT | theharvester, shodan |
✨ 25+ Essential Tools - Core tools that 90% of bug bounty hunters actually use
⚡ Fast Build - Builds in ~30 minutes vs 1+ hours for bloated alternatives
🐳 One Command Setup - No dependency hell or version conflicts
🖥️ GUI Support - Burp Suite and Firefox with proper X11 forwarding
📁 Shared Workspace - Easy file exchange via shared/ directory
🔧 Kali-Native - Uses official Kali packages for reliability
# Start/stop
docker compose up -d
docker compose down
# Rebuild after changes
docker compose build --no-cache
# Quick access alias (add to ~/.bashrc)
alias bbhtd='docker compose exec bbhtd bash'Want to add more tools? Edit tools.env:
# Enable additional tools
INSTALL_MASSCAN=true
INSTALL_GOWITNESS=true
# Rebuild
docker compose build --no-cacheTools not found?
# Check PATH
echo $PATH
export PATH=/root/go/bin:$PATHBuild issues?
# Clean rebuild
docker system prune -a
docker compose build --no-cacheGUI not working?
sudo xhost +local:docker- Performance Optimization - Even faster builds and smaller images
- Specialized Builds - Web-only, Mobile, Cloud-focused variants
- Tool Updates - Latest versions as they emerge
- Extended Toolkit - Optional full 80+ tool mode
⭐ Star this repo if it saves you setup time!
Built by a bug bounty hunter, for bug bounty hunters 🎯