GreyWolf Framework

Automated reconnaissance for bug bounty hunting

Modular bug bounty recon framework tailored for automated API and web asset discovery

Get Started GitHub Repository

Overview

GreyWolf is a modular bug bounty reconnaissance framework designed to automate the discovery of APIs and web assets. Built for security researchers and bug bounty hunters, it integrates powerful tools into a cohesive workflow.

greywolf@security:~$ ./greywolf.sh --target example.com
> Starting reconnaissance on example.com
> [1/5] Subdomain enumeration...
> [2/5] Port scanning...
> [3/5] Web path fuzzing...
> [4/5] API endpoint discovery...
> [5/5] Vulnerability scanning...
> Scan completed! Report saved to reports/example.com.html

GreyWolf streamlines the reconnaissance process by automating tedious tasks, allowing security professionals to focus on analyzing results and identifying vulnerabilities.

Core Modules

Subdomain Enumeration

Comprehensive subdomain discovery using AssetFinder and Amass with custom wordlists and permutations.

./greywolf.sh --target example.com --subdomains

Intelligent Fuzzing

Advanced web path discovery with ffuf using optimized wordlists and pattern recognition.

./greywolf.sh --target example.com --fuzz

API Discovery

Specialized Kiterunner module for discovering and analyzing API endpoints.

./greywolf.sh --target example.com --api

Vulnerability Scanning

Automated vulnerability detection with nuclei templates and custom checks.

./greywolf.sh --target example.com --vuln

Network Mapping

Complete network reconnaissance with Nmap and custom scripts.

./greywolf.sh --target example.com --network

Reporting Engine

Automated report generation in multiple formats with actionable insights.

./greywolf.sh --target example.com --report

How GreyWolf Works

The framework follows a systematic workflow to maximize efficiency and coverage

1

Target Definition

Define scope and targets for reconnaissance

./greywolf.sh --target example.com
2

Asset Discovery

Identify subdomains, IPs, and network ranges

./greywolf.sh --discover
3

Vulnerability Scan

Automated scanning with nuclei and custom checks

./greywolf.sh --scan
4

Report Generation

Create actionable reports with findings

./greywolf.sh --report

Installation

Get started with GreyWolf in just a few steps. Requires Linux environment with Python 3.8+.

1

Clone the Repository

git clone https://github.com/OnanT/greywolf.git
cd greywolf
2

Install Dependencies

chmod +x install.sh
./install.sh

This will install all required tools and dependencies.

3

Run GreyWolf

chmod +x greywolf.sh
./greywolf.sh --help

Explore available options and commands.

4

Start Scanning

./greywolf.sh --target example.com --full

Perform a full reconnaissance scan on your target.

Development Roadmap

Future plans for GreyWolf development and feature enhancements.

Completed

Core Framework

Initial release with basic reconnaissance modules and reporting functionality.

In Progress

Docker Integration

Create Docker images for easier deployment and dependency management.

Planned

Parallel Scanning Architecture

Implement distributed scanning for large-scale reconnaissance operations.

Planned

Wordlist Auto-Tuning

Machine learning-based wordlist optimization for specific targets.

Planned

Cloud Integration

Add support for scanning cloud environments (AWS, Azure, GCP).

Support GreyWolf Development

Your contributions help accelerate development and add new features

cards
Powered by paypal

Contributions of any size help maintain and improve this open-source project