Quiver – Tool To Manage All Of Your Tools For Bug Bounty Hunting And Penetration Testing
Quiver is the tool to manage all of your tools. It’s an opinionated and curated collection of commands, notes and scripts for bug bounty hunting and penetration testing.
- ZSH / Oh-My-ZSH shell plugin
- Tab auto-completion
- Global variables
- Prefills the command line, doesn’t hide commands from you
- Built-in logbook for on-the-fly notes, saving commands
- Renders markdown notes to the command line
- Runs custom scripts
- Modular, easy updates
- Installation of all dependecies with qq-install
- Bounty scope generators
- Add your own custom aliases and functions in modules/qq-custom.zsh
- Kali Linux
- Dependent packages
Clone the repo to your custom plugins folder.
git clone https://github.com/stevemcilwain/quiver.git ~/.oh-my-zsh/custom/plugins/quiver
git config core.fileMode false
Edit ~/.zshrc to load the plugin.
Setting up Kali Linux Dependencies
To install dependent packages, data and tools run the included install script. This will only install the tools needed in the plugin (previous install script was too large).
Use tab completion to view commands.
Quiver is organized into namespaces for easy tab navigation:
- qq-install, qq-update, qq-debug, qq-status
- qq-loq: create, log and view a running logbook for your notes and commands
Quiver also sets up helpful shell aliases and functions (qq-aliases).
Specify where your markdown notes are stored by setting / exporting the __NOTES variable in your .zshrc for use with qq-notes.
Sometimes scripts are invoked from modules and those are stored in the /scripts subfolder.