enumrust  by KingOfBugbounty

Rust-based security enumeration and bug bounty toolkit

Created 1 year ago
366 stars

Top 76.8% on SourcePulse

Project Summary

EnumRust is an advanced, Rust-based security enumeration and crawling tool designed for security researchers and bug bounty hunters. It automates complex reconnaissance tasks, including subdomain discovery, DNS resolution, port scanning, web crawling, and vulnerability identification, providing a comprehensive attack surface analysis. The tool offers a real-time dashboard and integrates AI capabilities to streamline the bug bounty hunting process and enhance findings.

How It Works

EnumRust, written primarily in Rust, acts as an orchestrator for a suite of specialized security tools. It takes a modular approach, integrating popular utilities such as subfinder, nuclei, masscan, httpx, shortscan, and wpscan (via Docker). The core design focuses on parallel execution and asynchronous I/O for efficient scanning. Its novelty lies in the unified workflow, real-time dashboard visualization, AI-powered analysis via Ollama, and dedicated modes for bug bounty hunting and infrastructure scanning.

Quick Start & Requirements

The recommended installation is a one-line auto-install script:

    git clone https://github.com/KingOfBugbounty/enumrust.git && cd enumrust && sudo bash install.sh

This script installs Rust, Go, EnumRust, and all 21 supporting tools, configuring the PATH. Docker installation is also available.

  • Prerequisites: Rust and Go toolchains (managed by the installer). masscan requires sudo privileges for raw socket access. Docker is needed for the WPScan integration and Dockerized execution.
  • Links: GitHub Repository: https://github.com/KingOfBugbounty/enumrust.git

Highlighted Details

  • Bug Bounty Mode: Features automated admin panel discovery across 15 ports, default credential testing against 40+ combinations, and Discord notifications for critical findings.
  • AI Integration: Leverages Ollama for AI-powered validation of secrets, Nuclei findings, and credential tests, generating executive summaries.
  • Specialized Scanners: Includes integrated IIS Short Filename Scanner (Shortscan) and Docker-based WordPress Vulnerability Scanner (WPScan) with AI false positive filtering.
  • Advanced Secrets Scanner: Detects over 70 token patterns (AWS, GCP, GitHub, etc.) with automatic API validation and code context.
  • Real-time Dashboard: Provides a web UI for live scan monitoring, progress tracking, statistics, and detailed, export-ready HTML reports.
  • MCP Server Integration: Enables programmatic scanning via AI assistants like Claude Code and Cursor.

Maintenance & Community

The project is maintained by OFJAAAH (@ofjaaah). Contributions are welcomed via pull requests following a standard fork-and-branch workflow. No specific community channels (like Discord or Slack) or roadmap links are provided in the README.

Licensing & Compatibility

EnumRust is released under the MIT License. This permissive license allows for commercial use, modification, and distribution, making it compatible with closed-source projects.

Limitations & Caveats

The masscan tool, a core component for port scanning, requires sudo privileges due to its reliance on raw sockets, which may pose operational or security challenges in certain environments. Manual installation requires careful management of Go and Rust environments and PATH configurations. AI features necessitate a locally running Ollama instance.

Health Check

  • Last Commit: 4 days ago
  • Responsiveness: Inactive
  • Pull Requests (30d): 0
  • Issues (30d): 0
  • Star History: 9 stars in the last 30 days
