Releases: ByCh4n/BCHackTool
Releases · ByCh4n/BCHackTool
BCHackTool v4.0 - Complete Rewrite 🚀
BCHackTool v4.0 - Complete Rewrite 🚀
🎯 Major Features
1. Subdomain List Input Mode 🎯
Skip the reconnaissance phase entirely and jump straight to vulnerability scanning!
Benefits:
- ⏱️ Save 30-50% scan time
- 🔄 Integrate with external recon tools
- 🎯 Test specific subdomains only
- 📝 Use results from previous scans
2. Full Nuclei Severity Scanning 🔍
Now scans ALL severity levels instead of just medium+
Impact:
- 📈 3-5x more findings
- 🎯 Complete security picture
- 📊 Better compliance reporting
Severity Coverage:
- ✅ Info: Version disclosure, tech stack detection
- ✅ Low: Weak headers, minor misconfigurations
- ✅ Medium: CSRF, open redirects
- ✅ High: SQL injection, XSS
- ✅ Critical: RCE, authentication bypass
3. Real-time Nuclei Progress 📊
Live scan progress with statistics every 15 seconds
Features:
- Live template execution count
- Request rate monitoring
- Real-time vulnerability count
- Estimated time remaining
⚡ Technical Improvements
Performance
- 🚀 30-50% faster scans
- ⚡ Parallel scanning (10 concurrent jobs)
- 💾 Checkpoint/Resume system
- 🔄 Enhanced error handling
Architecture
- 📊 JSON structured output for all tools
- 📄 Comprehensive HTML reports with graphs
- 🔑 API Integration (Shodan, VirusTotal, SecurityTrails)
- 🔔 Multi-platform Notifications (Telegram, Discord, Slack)
Code Quality
- 1459 lines of clean, documented code
- Comprehensive error handling
- Resume capability for interrupted scans
- Detailed logging system
📦 Installation
# Download
git clone https://github.com/ByCh4n/BCHackTool.git
cd BCHackTool
# Run (auto-installs dependencies)
sudo bash bchacktool.sh🚀 Quick Start
Option 1: Single Domain Scan
sudo bash bchacktool.sh
> 1 # Single Domain Scan
Enter target domain: example.com
Mode> ALL # Comprehensive scanOption 2: Multiple Domains
# Create domains.txt
echo "example.com" > domains.txt
echo "test.com" >> domains.txt
sudo bash bchacktool.sh
> 2 # Multiple Domains
Enter file path: /path/to/domains.txt
Mode> A # Web scan onlyOption 3: Subdomain List (NEW!)
sudo bash bchacktool.sh
> 3 # Subdomain List
Enter subdomain list file path: /path/to/subdomains.txt
Mode> ALL🛠️ Tools Integrated
Reconnaissance (7 tools in parallel):
- Subfinder, Assetfinder, Findomain
- Wayback Machine, GAU
- Crt.sh, Anubis
Scanning:
- Naabu (Port scanning)
- Httpx (Web probing)
- Nuclei (Vulnerability scanning - 2500+ templates)
Analysis:
- Nikto, SQLMap
📊 What's Changed
Breaking Changes
- ❌ Removed background execution (simpler UX)
- 🔄 Version numbering reset to v4.0
Bug Fixes
- ✅ Fixed Nuclei output visibility
- ✅ Sequential menu numbering
- ✅ Enhanced error handling
📈 Statistics
Performance:
- Average scan time: 5-30 minutes (depending on target size)
- Typical subdomain discovery: 50-500+
- Vulnerability findings: 3-5x increase with full severity scanning
Code:
- 1459 lines of bash
- 7 parallel recon tools
- 2500+ Nuclei templates
- JSON structured output
🔒 Security Notice
Legal Use Cases:
- ✅ Bug bounty programs
- ✅ Penetration testing with written authorization
- ✅ Security research on your own assets
- ✅ Educational purposes in controlled environments
📝 Full Changelog
Added
- Subdomain List Input Mode (Option 3)
- Full Nuclei severity scanning (all levels)
- Real-time Nuclei progress stats
- Tab completion for file paths
- Comprehensive HTML reports
- API integration support
- Multi-platform notifications
Changed
- Simplified user interface
- Sequential menu numbering
- Enhanced error messages
- Improved documentation
Removed
- Background execution feature
- Complex session management
👏 Credits
- ByCh4n - Original concept and development
- ProjectDiscovery Team - Amazing security tools
- Community - Feedback and testing
Download: bchacktool.sh
Documentation: README.md
⭐ If you find this useful, please star the repository!
v3.1
v3
Update README.md