Project Bheem is a simple collection of small bash-scripts which runs iteratively to carry out various tools and recon process & store output in an organized way.
This project was created initially for automation of Recon for personal usage and was never meant to be public as there is nothing fancy about it but due to request by community, Project Bheem is now Public.
Please feel free to improve it in any way you can. There is no secret sauce involved and it’s just a set of commands and existing tools written in bash-scripts for simple Recon Automation.
Project Bheem Supports an approach of Recon from @harshbothra_’s Scope Based Recon Methodology. Currently this tools supports performing recon for:
A few features like port scanning might not be working in the current build and some of the newly released tools might also be missed. we are working on upgrading the tool but feel free to fork, upgrade and make a pull request (Ensure that tool is not breaking).
Pre-Requisite
Installation
sh install.sh
arsenal
directory contains a set of small scripts used to automate Bheem. Give executable permissions to scripts in this directory.~/arsenal
directory and Simply run following command to see all the supported options provided in Bheem:./Bheem.sh -h
screen -S <screen_name>
~/arsenal/Bheem.sh -h
Bheem
running even if the SSH Connection is terminated or you turn off your local machine.Sample Usage
Bheem -t targetfile -S
Bheem -t targetfile -M
Bheem -t targetfile -L
targetfile
contains list of domains to perform Recon. For example: targettest.com
Side Notes
/Bheem/arsenal/autoxss.sh
to yours . Visit XSS Hunter to get your Blind XSS PayloadTools Used
~ Other onliners and tools to be added.
PR Notes
install.sh
please create a PR for it.X
tool used by Bheem is not successful, please do not create a PR for it. As this issue is required to be Raise to the specific Tool Owner.Future Plans/Under Development
Special Thanks
Every single application security community member and tool developers. Special Thanks to:
Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…
This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…
GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…
The free and open-source security platform SecHub, provides a central API to test software with…
Don't worry if there are any bugs in the tool, we will try to fix…