Um sistema abrangente e modular para configuraรงรฃo automatizada de ambientes de desenvolvimento Linux, com suporte a mรบltiplas distribuiรงรตes e window managers.
Este projeto oferece uma soluรงรฃo completa para setup de ambientes de desenvolvimento, incluindo:
- Mรบltiplas distribuiรงรตes Linux (Ubuntu, Arch Linux)
- Vรกrios window managers (Hyprland, i3wm, Qtile)
- Ferramentas de desenvolvimento (Python, Go, Neovim)
- Ferramentas de seguranรงa (pentest/hacking tools)
- Configuraรงรตes otimizadas para terminal e editores
- Templates customizados para reconnaissance e security testing
- Sistema Linux (Ubuntu 20.04+, Arch Linux)
- Git
- curl
- sudo (para instalaรงรฃo de pacotes do sistema)
git clone https://github.com/mswell/dotfiles.git
cd dotfiles
./install.shO script install.sh oferece 7 opรงรตes principais:
| Opรงรฃo | Descriรงรฃo | Destino |
|---|---|---|
| [1] Ubuntu VPS | Setup completo para Ubuntu Server | Servidores, desenvolvimento web |
| [2] Archlinux com Hyprland | Arch Linux + Wayland + Hyprland | Desktop moderno, Wayland |
| [3] Install Hacktools | Ferramentas de pentest/seguranรงa | Security testing, CTF |
| [4] Install Pyenv | Ambiente Python com pyenv | Desenvolvimento Python |
| [5] Archlinux com i3wm | Arch Linux + i3 Window Manager | Desktop tiling, X11 |
| [6] Archlinux WSL | Arch Linux no Windows Subsystem | WSL, desenvolvimento cruzado |
| [7] Archlinux DE | Arch Linux + Desktop Environment | Ambiente desktop tradicional |
Cada distribuiรงรฃo tem seu prรณprio diretรณrio de setup com scripts especializados:
setup/
โโโ ubuntu/ # Scripts Ubuntu (base.sh, devel.sh, apps.sh, terminal.sh)
โโโ ArchHypr/ # Arch + Hyprland (base.sh, apps.sh, fonts.sh, terminal.sh)
โโโ ArchI3wm/ # Arch + i3wm (base.sh, apps.sh, fonts.sh, terminal.sh)
โโโ ArchWSL/ # Arch WSL (base.sh, apps.sh, terminal.sh)
โโโ ArchDE/ # Arch Desktop Environment (base.sh, apps.sh, fonts.sh, terminal.sh)
pyenv_install.sh: Gerenciamento de versรตes Pythoninstall_golang.sh: Instalaรงรฃo do Goinstall_hacktools.sh: Ferramentas de seguranรงaterminal.sh: Configuraรงรฃo de terminalcopy_dots.sh: Cรณpia de arquivos de configuraรงรฃo
- Python: pyenv para mรบltiplas versรตes
- Go: Instalaรงรฃo e configuraรงรฃo
- Neovim: Editor moderno com Lua
- Git: Configuraรงรตes otimizadas
- Tmux: Multiplexador de terminal
- ZSH: Shell com Powerlevel10k
- Kitty: Terminal GPU-accelerated
- WezTerm: Terminal moderno
- Ghostty: Terminal Wayland-native
- Fish: Shell alternativa
- Hyprland: Wayland compositor
- i3wm: Tiling window manager
- Qtile: Window manager Python
- Waybar: Status bar para Wayland
- Nuclei: Scanner de vulnerabilidades
- Custom templates: Templates personalizados
- Recon tools: Ferramentas de reconnaissance
- MongoDB integration: Database para resultados
- Catppuccin: Tema moderno
- Tokyo Night: Tema dark
- Cyberdream: Tema cyberpunk
- Oxocarbon: Tema minimalista
config/
โโโ zsh/ # Configuraรงรตes ZSH
โ โโโ functions.zsh # Funรงรตes personalizadas
โ โโโ alias.zsh # Aliases
โ โโโ custom.zsh # Configuraรงรตes customizadas
โ โโโ .zshrc # Arquivo principal
โโโ kitty/ # Temas Kitty
โโโ wezterm/ # Configuraรงรตes WezTerm
โโโ hypr/ # Configuraรงรฃo Hyprland
โโโ i3/ # Configuraรงรฃo i3wm
โโโ nvim/ # Configuraรงรฃo Neovim
โโโ themes/ # Temas adicionais
functions.zsh: Funรงรตes utilitรกriascustom.zsh: Fluxos de trabalho personalizadosalias.zsh: Aliases para produtividade
Ideal para servidores e desenvolvimento web:
./install.sh # Escolher opรงรฃo 1Desktop moderno com Wayland:
./install.sh # Escolher opรงรฃo 2./install.sh # Escolher opรงรฃo 3./install.sh # Escolher opรงรฃo 4Este dotfiles inclui um toolkit completo de reconhecimento para bug bounty hunters, com funรงรตes ZSH modulares que automatizam o fluxo de recon.
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ RECON WORKFLOW โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค
โ โ
โ workspaceRecon "target.com" โ Cria workspace: target.com/YYYY-MM-DD/ โ
โ โ โ
โ โผ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ SUBDOMAIN ENUMERATION โ โ
โ โ subdomainenum โ subfinder, amass, crt.sh โ dnsx resolve โ โ
โ โ subPermutation โ alterx + puredns (permutations) โ โ
โ โ Output: clean.subdomains โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ โ
โ โผ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ PORT SCANNING โ โ
โ โ naabuRecon โ Top 100 ports scan โ โ
โ โ naabuFullPorts โ Full port range (excl. common) โ โ
โ โ Output: naabuScan โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ โ
โ โผ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ HTTP PROBING โ โ
โ โ getalive โ httpx probe, categoriza por status code โ โ
โ โ Output: ALLHTTP, 200HTTP, 403HTTP, Without404 โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ โ
โ โผ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ CRAWLING & DATA โ โ
โ โ crawler โ gospider, waybackurls, gau, katana โ โ
โ โ JScrawler โ JavaScript file discovery โ โ
โ โ getjsurls โ JS URL extraction + validation โ โ
โ โ secretfinder โ Secrets in JS files โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ โ
โ โผ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ VULNERABILITY SCANNING โ โ
โ โ Nuclei Scans โ exposureNuc, GitScan, XssScan, nucTakeover โ โ
โ โ xsshunter โ Multi-tool XSS detection โ โ
โ โ bypass4xx โ 403/401 bypass attempts โ โ
โ โ prototypefuzz โ Prototype pollution testing โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
| Funรงรฃo | Descriรงรฃo | Input | Output |
|---|---|---|---|
workspaceRecon <domain> |
Cria workspace organizado por data | domain | domain/YYYY-MM-DD/ |
wellSubRecon |
Pipeline completo de subdomain enum | domains |
clean.subdomains |
subdomainenum |
Enum passivo (subfinder, amass, crt.sh) | domains |
all.subdomains, clean.subdomains |
subPermutation |
Gera permutaรงรตes com alterx + puredns | clean.subdomains |
permutations.txt |
subtakeover |
Detecta subdomain takeover | clean.subdomains |
subtakeover.txt |
| Funรงรฃo | Descriรงรฃo | Input | Output |
|---|---|---|---|
naabuRecon |
Port scan top 100 portas | clean.subdomains |
naabuScan |
naabuFullPorts |
Port scan completo | clean.subdomains |
full_ports.txt |
getalive |
HTTP probe + categorizaรงรฃo | naabuScan |
ALLHTTP, 200HTTP, 403HTTP |
screenshot |
Screenshots com aquatone | ALLHTTP |
aqua_out/ |
| Funรงรฃo | Descriรงรฃo | Input | Output |
|---|---|---|---|
crawler |
Multi-tool crawler | Without404 |
crawlerResults.txt |
JScrawler |
Descobre arquivos JS | 200HTTP |
crawlJS, JSroot/ |
getjsurls |
Extrai e valida URLs JS | crawlerResults.txt |
js_livelinks.txt |
secretfinder |
Busca secrets em JS | js_livelinks.txt |
js_secrets_result |
getdata |
Salva todas as responses | ALLHTTP |
AllHttpData/ |
| Funรงรฃo | Descriรงรฃo | Tags/Template |
|---|---|---|
exposureNuc |
Detecta exposiรงรตes | exposure |
GitScan |
Detecta .git exposto | git |
XssScan |
Scan XSS | xss |
nucTakeover |
Subdomain takeover | takeover |
graphqldetect |
Detecta endpoints GraphQL | graphql-detect |
swaggerUIdetect |
Detecta Swagger UI | swagger |
APIRecon |
Recon de APIs | custom workflow |
OpenRedirectScan |
Open redirect | redirect |
lfiScan |
LFI vulnerabilities | lfi |
| Funรงรฃo | Descriรงรฃo | Input | Output |
|---|---|---|---|
xsshunter |
XSS multi-scanner (airixss, freq, xsstrike) | domains |
airixss.txt, FreqXSS.txt |
bypass4xx |
Bypass 403/401 | 403HTTP |
4xxbypass.txt |
prototypefuzz |
Prototype pollution | ALLHTTP |
notifications |
Corstest |
CORS misconfiguration | roots |
CORSHTTP |
smuggling |
HTTP Request Smuggling | hosts |
smuggler_op.txt |
fufdir <url> |
Directory fuzzing | URL | stdout |
fufapi <url> |
API endpoint fuzzing | URL | stdout |
| Funรงรฃo | Descriรงรฃo |
|---|---|
getfreshresolvers |
Baixa lista atualizada de resolvers DNS |
getalltxt |
Baixa wordlist all.txt do jhaddix |
certspotter <domain> |
Busca subdomains via CertSpotter |
crtsh <domain> |
Busca subdomains via crt.sh |
ipinfo <ip> |
Informaรงรตes de IP via ipinfo.io |
# Recon completo automatizado
wellRecon
# Recon com foco em APIs
newRecon
# Apenas Nuclei scans
wellNuclei# 1. Setup workspace
workspaceRecon example.com
# 2. Subdomain enumeration completo (inclui permutations)
wellSubRecon
# 3. Port scan + HTTP probe
naabuRecon
getalive
# 4. Crawling e coleta de JS
crawler
getjsurls
secretfinder
# 5. Vulnerability scanning
exposureNuc
XssScan
nucTakeover
bypass4xxO sistema inclui uma vasta coleรงรฃo de ferramentas para:
- Web Application Security
- Network Reconnaissance
- Vulnerability Assessment
- Penetration Testing
- Custom Nuclei Templates
- Criar diretรณrio em
setup/ - Adicionar scripts base.sh, apps.sh, terminal.sh
- Atualizar menu em install.sh
- Documentar mudanรงas
- Editar arquivos em
config/ - Scripts de setup copiam automaticamente
- Testar mudanรงas antes de commitar
- English - English version
- Portuguรชs (Brasileiro) - Versรฃo em portuguรชs
- Fork o projeto / Fork the project
- Criar branch para feature (
git checkout -b feature/AmazingFeature) / Create a feature branch - Commit mudanรงas (
git commit -m 'Add some AmazingFeature') / Commit your changes - Push branch (
git push origin feature/AmazingFeature) / Push to the branch - Abrir Pull Request / Open a Pull Request
Este projeto estรก sob licenรงa MIT. Veja o arquivo LICENSE para mais detalhes.
Wellington Moraes