⚠️ AUTHORIZED USE ONLY — This toolkit is designed strictly for ethical security research, authorized penetration testing, and bug-bounty-scoped targets. Unauthorized use is illegal.
DARKWIN is a modular, pipeline-driven automation toolkit for ethical hackers and bug bounty hunters. It chains together industry-standard security tools (subfinder, nuclei, dalfox, sqlmap, nmap, ffuf, and 15+ more) into smart, automated pipelines.
darkwin run recon --target example.com
darkwin run scan --target example.com
darkwin run bounty --target example.com
| Category | Tools Integrated |
|---|---|
| Recon | subfinder, amass, dnsrecon, whois, gau |
| OSINT | theHarvester, sherlock, metagoofil |
| Web Discovery | katana, gau, waybackurls, arjun |
| Vulnerability | dalfox, sqlmap, nuclei, ffuf, kxss |
| Fuzzing | ffuf, wfuzz |
| Network | nmap, masscan, enum4linux |
| Cloud | cloud_enum |
| Reporting | HTML + Markdown auto-reports |
| Concurrency | Parallel stage execution (ThreadPool) |
| Dashboard | Real-time web UI (Next.js + Socket.IO) |
git clone https://github.com/VIPHACKER100/DarkWin-AATK
cd DarkWin-AATKbash scripts/setup.shsource venv/bin/activate # Linux/macOS
venv\Scripts\activate # WindowsRun the interactive setup wizard:
darkwin setupAlternatively, edit core/config.yaml manually.
# Full recon pipeline
darkwin run recon --target example.com
# Full vulnerability scan
darkwin run scan --target example.com
# Bug bounty optimized pipeline
darkwin run bounty --target example.com
# Verify all tools are installed
darkwin doctor
# Automatically fix missing dependencies (Linux/WSL)
darkwin doctor --fix
# Update DARKWIN and tools
darkwin update
# Launch the Web Dashboard
darkwin dashboard| Command | Description |
|---|---|
darkwin setup |
Launch interactive wizard for API keys and paths. |
darkwin doctor --fix |
Automatically install missing Go/Python/apt dependencies. |
darkwin dashboard |
Start the Flask backend and Next.js frontend Control Center. |
darkwin run --mode bounty --target site.com --confirm-scope |
Run bounty mode with automatic authorization confirmation. |
darkwin run --mode recon --target site.com --dashboard |
Run a scan and stream live logs to the dashboard. |
DARKWIN v1.1.0 includes a modern Next.js dashboard for real-time monitoring.
- Start the backend:
darkwin dashboard - Start the frontend:
cd dashboard/frontend && npm run dev - Access: http://localhost:3000
DARKWIN/
├── core/ # Engine, CLI, config loader, logger
├── modules/ # Individual scan modules
│ ├── recon/ # 7 recon scripts
│ ├── osint/ # 4 OSINT scripts
│ ├── web/ # 4 web discovery scripts
│ ├── vulnerabilities/ # 9 vuln scripts
│ ├── fuzzing/ # 3 fuzzing scripts
│ ├── network/ # 5 network scripts
│ ├── cloud/ # 3 cloud scripts
│ ├── exploitation/ # 3 exploitation scripts
│ └── reporting/ # 3 reporting scripts
├── automation/ # Pipeline orchestrators
├── wordlists/ # SecLists + PayloadsAllTheThings
├── logs/ # Session logs
├── reports/ # Scan output
├── templates/ # HTML/MD report templates
└── scripts/ # Install & setup scripts
This tool is provided for educational and authorized security testing purposes only. The authors are not responsible for any misuse. Always obtain explicit written authorization before testing any system.
MIT License — © 2026 ARYAN AHIRWAR (VIPHACKER.100)