Termaid is a term (pun intended) for Terminal-Mermaid. I started fooling around with mermaid charts and realized that they're a super convient way to create automation templates (using https://mermaid.live - it's basically drag-n-drop + AI. Termaid is that and so, so much more. I've tried to create a trickest-like platform, using https://charm.sh libraries to make it look, feel and act fantastic.
Termaid: a next-level, terminal-native automation framework for bug bounty hunters and penetration testers. 🌐🎯 Build workflows, execute recon, and chain your favorite tools — all from a sleek, interactive TUI. No mouse, no fuss — just pure hacker speed. A terminal-based bug bounty hunting automation tool with visual workflow management using Mermaid charts. Build, visualize, and execute complex reconnaissance pipelines entirely from your terminal.
Since this platform is a work in progress and was greatly inspired by trickest.io, a web-based platform that does this, only not hosted locally but in their much fancier web interface, but not everyone can afford the subscription plan, or perhaps hosting locally is preferred by some? Either way, Thank you Trickest, projectdiscovery, obviously mermaid charts and A LOT of insanely talented hackers, crackers and subjackers... And some developers as well, check out my stars/follows for some of the ones I really appreciate.
- Visual Workflow Builder: Create complex bug bounty workflows using an interactive TUI
- Mermaid Integration: Visualize your workflows as directed acyclic graphs (DAGs)
- Pre-built Tool Catalog: 60+ popular bug bounty tools with default configurations
- Template System: Save and reuse workflow templates
- Parallel Execution: Run tools concurrently with configurable concurrency limits
- Real-time Monitoring: Live status updates and logging during execution
- Pipeline Management: Automatic data flow between tools with deduplication
- Extensible: Easy to add new tools and customize existing ones
- Go 1.22+
- Python 3.x
- Node.js (for some tools)
- Common bug bounty tools (subfinder, httpx, nuclei, etc.)
git clone https://github.com/MKlolbullen/termaid.git
cd termaid
chmod +x install.sh
./install.sh
The installer will:
- Install Go if missing
- Install Python and Node.js dependencies
- Install popular bug bounty tools
- Build the termaid binary
go mod tidy
go build -o termaid ./cmd/termaid
Launch the TUI:
./termaid
- Run Workflow - Execute the default workflow.json
- Run Template - Choose from saved workflow templates
- Preview Workflow - View Mermaid diagram of current workflow
- Create Workflow - Open the visual workflow builder
- Exit - Quit the application
The interactive workflow builder allows you to:
Tab
/Shift+Tab
- Cycle between panels↑/↓
- Navigate within panels or layersEnter
- Select items
n
- Add selected tool to workflow (when in Tools panel)r
- Remove selected node (when in Canvas panel)c
- Commit/save arguments (when in Args panel)f
- Finish and save workflow
- Domain Input - Target domain for the workflow
- Tools List - Available tools from catalog
- Canvas - Visual representation of workflow layers
- Args Editor - Modify tool arguments
Termaid includes 60+ pre-configured tools organized by category:
- subfinder, assetfinder, amass, chaos-client
- dnsx, jsubfinder, massdns, bbot
- subjack, subover, subzy, uncover
- httpx, httprobe, naabu, nmap, smuggler
- gau, gauplus, gospider, katana
- waymore, urx, urlfinder, Photon
- arjun, JSFinder, Linkfinder, oralyzer
- parameth, paramspider, unfurl
- ffuf, gobuster, cariddi, kiterunner
- cloakquest3r, Corsy
- nuclei, dalfox, sqlmap, XSStrike
- crlfuzz, kxss, SSRFire, tsunami
- wafw00f, xsrfprobe, scan4all
- aquatone, gowitness, whatweb, gf
- puredns, trufflehog
Workflows are JSON files with the following structure:
{
"workflow": [
{
"id": "subfinder-1",
"tool": "subfinder",
"args": "-d {{domain}} -silent -o {{output}}",
"children": ["httpx-1"],
"layer": 1
},
{
"id": "httpx-1",
"tool": "httpx",
"args": "-l {{input}} -title -tech-detect -json -o {{output}}",
"children": ["nuclei-1"],
"layer": 2
},
{
"id": "nuclei-1",
"tool": "nuclei",
"args": "-l {{input}} -severity medium,high,critical -o {{output}}",
"children": [],
"layer": 3
}
]
}
{{domain}}
- Target domain{{input}}
- Input file from previous layer{{output}}
- Output file for current tool
# Create workflow.json with subfinder -> httpx -> nuclei
# Run with domain
./termaid
# Select "Run Workflow", enter target domain
- Launch termaid
- Select "Create Workflow"
- Enter target domain
- Select tools from catalog
- Press
n
to add tools - Modify arguments with
c
- Save with
f
# Save workflows in ./workflows/ directory
# Select "Run Template" to choose existing workflows
termaid/
├── LICENSE
├── MATRIX_SYSTEM.md
├── README.md
├── VISUAL_EDITOR.md
├── assets
│ └── tools.yaml
├── cmd
│ ├── demo
│ │ └── main.go
│ ├── responsive-demo
│ │ └── main.go
│ ├── termaid
│ │ └── main.go
│ └── tui-test
│ └── main.go
├── go.mod
├── go.sum
├── install.sh
├── internal
│ ├── graph
│ │ ├── dag.go
│ │ └── render.go
│ ├── pipeline
│ │ ├── dataflow.go
│ │ └── pipeline.go
│ └── tui
│ ├── builder.go
│ ├── catalog.go
│ ├── menu.go
│ ├── model.go
│ ├── responsive.go
│ └── tmplpicker.go
├── structure.md
├── templates
│ ├── README.md
│ └── webapp-comprehensive-scan.json
├── workflow.json
├── workflow.mmd
└── workflows
├── advanced-recon.json
├── matrix-parallel-recon.json
├── mypreset1.json
├── quick-subdomains.json
├── simple-test.json
Edit assets/tools.yaml
:
- name: mytool
cat: Custom
desc: My custom tool
def: "-flag {{domain}} -o {{output}}"
Save JSON workflows in the workflows/
directory. They'll appear in the "Run Template" menu.
- Execution logs:
run-<timestamp>.log
- Tool outputs:
workdir/<category>/<tool>_<id>.txt
- Merged results:
workdir/<category>/merged.txt
q
/Ctrl+C
- QuitEnter
- Select option
Tab
- Toggle log viewq
- Quit execution↑/↓
- Scroll logs (when log view active)
Tab
/Shift+Tab
- Switch panelsn
- Add noder
- Remove nodec
- Commit argsf
- Finish/save↑/↓
- Navigate
- curl, wget, git, jq, unzip
- Build tools (gcc, make)
- subfinder, httpx, nuclei, naabu
- dnsx, chaos-client, amass, ffuf
- gau, gauplus, dalfox, kxss
- arjun, xsrfprobe, waymore
- parameth, photon
- glow (for Mermaid preview)
- Various external tools per your needs
Ensure tools are installed and in PATH:
which subfinder httpx nuclei
Check directory permissions:
chmod 755 workdir workflows
Re-run installer:
./install.sh
- Fork the repository
- Create a feature branch
- Add tools to
assets/tools.yaml
- Update documentation
- Submit a pull request
MIT License - see LICENSE file for details.
- Built with Charm.sh TUI libraries
- Integrates popular bug bounty tools from the community
- Inspired by visual workflow tools and automation frameworks