Axiom – Pen-Testing Server For Collecting Bug Bounties


Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line.

Axiom - Pen-Testing Server For Collecting Bug Bounties


With Axiom, you just need to run a single command to get setup, and then you can use the Axiom toolkit scripts to spin up and down your new hacking VPS.

Setting up your own ‘hacking vps’, to catch shells, run enumeration tools, scan, let things run in the background in a tmux window, used to be an afternoon project – running into a whole day sometimes if you hit some package isues or ‘dependency hell’. You would run through and install all the tools you need manually, configure your ZSH, configure vim, configure tmux and be ready to rock..at some point.

Thank goodness for Axiom!

Install Axiom Pen-testing Server with Bash One Liner

You will need curl, which is not installed by default on Ubuntu 20.04, if you get a “command not found” error, run sudo apt update && sudo apt install curl)

You also need a Digital Ocean API key, to get one you can sign up here and get $100 in credit over 60 days: https://m.do.co/c/5296ccf18d6f

OS Support for Axiom Pen-testing Server

Axiom current supported list of operating systems:

  • MacOS – Supported
  • Ubuntu – Supported
  • Debian – Semi-Supported – Planned
  • Arch Linux – Semi-Support – Planned
  • Kali – Unknown

You can download Axiom here:

axiom-configure

Or read more here.

Posted in: Hacking Tools


Latest Posts:


Socialscan - Command-Line Tool To Check For Email And Social Media Username Usage Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username,
CFRipper - CloudFormation Security Scanning & Audit Tool CFRipper – CloudFormation Security Scanning & Audit Tool
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool
CredNinja - Test Credential Validity of Dumped Credentials or Hashes CredNinja – Test Credential Validity of Dumped Credentials or Hashes
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently.
assetfinder - Find Related Domains and Subdomains assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are related to a given domain from a variety of sources including Facebook and more.
Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.


Comments are closed.