A comprehensive security testing framework for bug bounty hunters and penetration testers.
✅ Web Crawling - Depth-limited, scope-aware page discovery with Playwright
✅ JavaScript Analysis - Extract APIs, endpoints, and security patterns from JS
✅ API Endpoint Discovery - Automatic extraction with intelligent noise filtering
✅ Vulnerability Scanning - Nuclei integration for API testing (exposure, auth bypass, IDOR)
✅ Multi-format Export - HAR (Burp), cURL, JSON, screenshots, Playwright traces
✅ Authenticated Testing - Built-in login flow support and HAR file extraction
✅ Real-time Scanning - See progress as vulnerabilities are discovered
# 1. Clone repository
git clone https://github.com/pilloverx/NETBEAR.git
cd NETBEAR
# 2. Setup Python environment
python -m venv venv
source venv/bin/activate # Windows: venv\Scripts\activate
# 3. Install dependencies
pip install -r requirements.txt
playwright install
# 4. Install Nuclei (vulnerability scanner - REQUIRED)
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
# 5. Verify
nuclei -version # Should show v3.x.x# Create targets
echo "https://example.com" > targets.txt
echo "example.com" > scopes.txt
# Run scan (auto-runs Nuclei)
python netbear_crawler.py
# View results
cat reports/run_*/nuclei_output_*/nuclei_results.txt- QUICKSTART.md ⭐ - Get scanning in 5 minutes
- COMPLETE_GUIDE.md - Full reference guide (30+ pages)
- Nuclei installation & troubleshooting
- Detailed architecture & components
- Advanced features & workflows
- CUSTOMIZATION.md - Advanced configuration
- TEMPLATES_GUIDE.md - Nuclei template reference
- DOCUMENTATION_INDEX.md - Navigation index
URLs (targets.txt)
↓
Crawl (Playwright) → Extract links, forms, JavaScript
↓
Analyze → Find API endpoints, auth patterns
↓
Filter & Normalize → Remove noise, deduplicate
↓
Nuclei Scan → Check for vulnerabilities
↓
Reports → Vulnerabilities found + tested endpoints
| Vulnerability | Template | Detection |
|---|---|---|
| API Exposure | netbear-api-exposure-direct.yaml | API keys, secrets, tokens |
| Auth Bypass | netbear-auth-bypass-direct.yaml | Unauthenticated access |
| IDOR | netbear-idor-direct.yaml | Broken authorization |
Validating templates before scanning
Download Nuclei from GitHub releases
Template validation
Real-time vulnerability discovery
Key settings in config.py:
NETBEAR_MAX_DEPTH = 2 # Crawl depth (1-3)
NETBEAR_MAX_PAGES_PER_DOMAIN = 15 # Pages per domain
NETBEAR_RATE_LIMIT_SEC = 1.5 # Delay between requests
NUCLEI_ENABLED = True # Enable scanning
NUCLEI_TIMEOUT = 1800 # 30 minutes
NUCLEI_SEVERITY = "high,critical" # Minimum severityreports/run_TIMESTAMP/
├── domain_com/
│ ├── report.txt # Crawl summary
│ ├── nuclei_targets_clean.txt # Tested endpoints
│ └── js_structures.json # Extracted APIs
├── nuclei_output_TIMESTAMP/
│ ├── nuclei_results.txt # ⭐ Vulnerabilities found
│ ├── nuclei_results.json # Machine format
│ └── nuclei_*.log # Scan logs
└── exports/
├── domain.har # Burp Suite import
└── domain_requests.curl # Replay commands
export PATH=$PATH:~/go/bin
nuclei -version# Increase timeout in config.py
NUCLEI_TIMEOUT = 3600 # 60 minutesSee COMPLETE_GUIDE.md - Troubleshooting section.
- Use
scopes.txtto prevent out-of-scope scanning - Increase rate limits for stealth on production systems
- Store results securely (contains sensitive data)
MIT License - See LICENSE
→ Start with QUICKSTART.md