Axiom – Pen-Testing Server For Collecting Bug Bounties


Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line.

Axiom - Pen-Testing Server For Collecting Bug Bounties


With Axiom, you just need to run a single command to get setup, and then you can use the Axiom toolkit scripts to spin up and down your new hacking VPS.

Setting up your own ‘hacking vps’, to catch shells, run enumeration tools, scan, let things run in the background in a tmux window, used to be an afternoon project – running into a whole day sometimes if you hit some package isues or ‘dependency hell’. You would run through and install all the tools you need manually, configure your ZSH, configure vim, configure tmux and be ready to rock..at some point.

Thank goodness for Axiom!

Install Axiom Pen-testing Server with Bash One Liner

You will need curl, which is not installed by default on Ubuntu 20.04, if you get a “command not found” error, run sudo apt update && sudo apt install curl)

You also need a Digital Ocean API key, to get one you can sign up here and get $100 in credit over 60 days: https://m.do.co/c/5296ccf18d6f

OS Support for Axiom Pen-testing Server

Axiom current supported list of operating systems:

  • MacOS – Supported
  • Ubuntu – Supported
  • Debian – Semi-Supported – Planned
  • Arch Linux – Semi-Support – Planned
  • Kali – Unknown

You can download Axiom here:

axiom-configure

Or read more here.

Posted in: Hacking Tools


Latest Posts:


HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.
trident - Automated Password Spraying Tool trident – Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to be deployed on multiple cloud providers and provides advanced options around scheduling
tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.


Comments are closed.