Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/KathanP19/HowToHunt

Collection of methodology and test case for various web vulnerabilities.

bugbounty bugbountytips bughunting-methodology tutorials vulnerability

Last synced: 01 Jul 2024

https://github.com/Cyber-Guy1/API-SecurityEmpire

API Security Project aims to present unique attack & defense methods in API Security field

api apisecurity bug-bounty bugbounty bugbountytips cybersec cybersecurity information-security infosec penetration-testing tips

Last synced: 28 Jun 2024

https://github.com/edoardottt/missing-cve-nuclei-templates

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

automation bug-bounty bug-hunting bugbounty bugbounty-tool bugbountytips cve cve-scanning hacking nuclei nuclei-engine nuclei-templates penetration-testing pentesting projectdiscovery security security-tools vulnerability-detection vulnerability-scanners

Last synced: 25 Jun 2024

https://github.com/random-robbie/bruteforce-lists

Some files for bruteforcing certain things.

bruteforce bugbounty bugbountytips dirbuster

Last synced: 25 Jun 2024

https://github.com/dwisiswant0/ppfuzz

A fast tool to scan client-side prototype pollution vulnerability written in Rust. ๐Ÿฆ€

bugbounty bugbounty-tool bugbountytips chromium prototype-pollution rust rust-tools security security-tools vulnerability-scanners

Last synced: 25 Jun 2024

https://github.com/hahwul/WebHackersWeapons

โš”๏ธ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

awesome-list bugbounty bugbountytips hacking hacktoberfest scanner security tools webhacking

Last synced: 25 Jun 2024

https://github.com/dwisiswant0/findom-xss

A fast DOM based XSS vulnerability scanner with simplicity.

bugbounty bugbountytips findom-xss pentest pentesting xss xss-scanner

Last synced: 14 Jun 2024

https://github.com/hahwul/XSpear

๐Ÿ”ฑ Powerfull XSS Scanning and Parameter analysis tool&gem

bugbounty bugbountytips gem hacking library pentest ruby scanner scanning-xss selenium tool webhacking xss

Last synced: 14 Jun 2024

https://github.com/indianajson/can-i-take-over-dns

"Can I take over DNS?" โ€” a list of DNS providers and how to claim (sub)domains via missing hosted zones

bugbounty bugbountytips dangling-dns dns dns-hijacking dns-takeover domain-takeover hacking hacking-tool infosec nameservers subdomain-takeover takeover-subdomain

Last synced: 12 Jun 2024

https://github.com/DreyAnd/DeadDNS

DNS hijacking via dead records automation tool

bugbounty bugbounty-tool bugbountytips bughunting

Last synced: 05 Jun 2024

https://github.com/kabilan1290/grapX

grapX will iterate through the URLs and grep the endpoints with all possible extensions.

automation bugbounty bugbounty-tool bugbountytips cybersecurity opensource python python-script security-automation security-vulnerability

Last synced: 05 Jun 2024

https://github.com/nullt3r/rapiddns

Rapidly enumerate subdomains and domains using rapiddns.io.

bugbounty bugbountytips domain-discovery enumeration scanner subdomains-enumeration

Last synced: 05 Jun 2024

https://github.com/harsh-bothra/learn365

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

application-security bugbounty bugbountytips community infosec learning pentesting pentesting-tools vulnerabilities

Last synced: 05 Jun 2024

https://github.com/HolyBugx/HolyTips

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

api api-security bugbounty bugbounty-writeups bugbountytips checklist pentest pentesting security web webapp websecurity writeups

Last synced: 05 Jun 2024

https://github.com/dwisiswant0/bounty-targets-alert

It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.

bugbounty bugbountytips bugcrowd federacy hackenproof hackerone intigriti vdp vrp yeswehack

Last synced: 30 May 2024

https://github.com/hahwul/MobileHackersWeapons

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

android awesome-list bugbounty bugbountytips hacking ios mobilehacks scanner security tools

Last synced: 12 May 2024

https://github.com/R0X4R/ssrf-tool

An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.

bugbounty bugbounty-tool bugbountytips go ssrf ssrf-tool tools

Last synced: 12 May 2024

https://github.com/Viralmaniar/BigBountyRecon

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

blue-team bugbounty bugbounty-tool bugbountytips cybersecurity offensive-security osint pentest-tool pentesting purple-team purple-teams recon reconnaissance red-team red-teaming

Last synced: 07 May 2024

https://github.com/taielab/Taie-Bugbounty-killer

ๆŒ–ๆŽ˜ๅ›ฝๅ†…ๅค–ๆผๆดžๅนณๅฐๅฟ…ๅค‡็š„่‡ชๅŠจๅŒ–ๆก้’ฑ่ต้‡‘ๆŠ€ๅทง๏ผŒ็œ‹ไบ†ๅนถๅŽปๅšไบ†ๆก้’ฑๅฆ‚ๅ–ๆฐดใ€‚

bugbounty bugbounty-tool bugbountytips

Last synced: 01 May 2024

https://github.com/inonshk/31-days-of-API-Security-Tips

This challenge is Inon Shkedy's 31 days API Security Tips.

api-pentest api-security bug-bounty bugbounty bugbountytips infosec pentest security

Last synced: 18 Apr 2024

https://github.com/dwisiswant0/awesome-oneliner-bugbounty

A collection of awesome one-liner scripts especially for bug bounty tips.

awesome bash bug-bounty bugbounty bugbountytips hacktoberfest liner-scripts one-liners recon

Last synced: 12 Apr 2024

https://github.com/insightglacier/Dictionary-Of-Pentesting

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. ๆธ—้€ๆต‹่ฏ•ใ€SRCๆผๆดžๆŒ–ๆŽ˜ใ€็ˆ†็ ดใ€Fuzzing็ญ‰ๅญ—ๅ…ธๆ”ถ้›†้กน็›ฎใ€‚

bruteforce bugbounty bugbountytips bughunting-methodology database dictionary dns fingerprint fuzzing iot-security password payloads pentest pentesting rce regex-pattern spring-boot subdomain websecurity wifi

Last synced: 12 Apr 2024

https://github.com/gwen001/bugbountytips

Webapp to search tips on Twitter through #bugbountytips

bugbounty bugbountytips hashtag pentesting php security twitter

Last synced: 12 Apr 2024

https://github.com/R0X4R/Garud

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

assetfinder bash-script bugbounty bugbounty-tool bugbountytips garud gf-patterns golang penetration-testing penetration-testing-tools reconnaissance subdomain-takeover vulnerability vulnerability-scanner

Last synced: 10 Apr 2024

https://github.com/dwisiswant0/wadl-dumper

Dump all available paths and/or endpoints on WADL file.

bugbounty bugbounty-tool bugbountytips go golang wadl xml xml-parser

Last synced: 06 Apr 2024

https://github.com/devanshbatham/Awesome-Bugbounty-Writeups

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

bugbounty bugbounty-blogs bugbounty-facebook bugbounty-writeups bugbounty-yahoo bugbountytips bughunting bughunting-methodology bughunting-writeups security-writeups

Last synced: 26 Mar 2024

https://github.com/aydinnyunus/PassDetective

PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of sensitive information in your command history.

bash bugbounty bugbounty-tool bugbountytips golang hacking kali kali-linux kali-linux-hacking linux red-team security security-tools shell shell-script zsh

Last synced: 17 Mar 2024

https://github.com/lutfumertceylan/top25-parameter

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. ๐Ÿ›ก๏ธโš”๏ธ๐Ÿง™

bugbounty bugbountytips infosec pentest-tool pentesting security vulnerability-detection vulnerability-research xss-detection

Last synced: 17 Mar 2024

https://github.com/hash3liZer/Subrake

๐Ÿš€ A DNS automated scanner and tool ๐Ÿ–ฑ๏ธ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).

bugbountytips dns-takeover reconnaissance subdomain-bruteforcing subdomain-enumeration subdomain-scanner subdomain-takeover zone-takeover zone-transfers

Last synced: 16 Mar 2024

https://github.com/Puliczek/CVE-2021-21123-PoC-Google-Chrome

๐Ÿฑโ€๐Ÿ’ป ๐Ÿ‘ Google Chrome - File System Access API - vulnerabilities reported by Maciej Pulikowski | Total Bug Bounty Reward: $5.000 | CVE-2021-21123 and 5 more...

bugbounty bugbounty-writeups bugbountytips cve cybersecurity exploit hacking payload pentesing pentest red-team security security-writeups writeups

Last synced: 16 Mar 2024

https://github.com/Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera

๐ŸŽฉ ๐ŸคŸ๐Ÿป [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337

bugbounty bugbounty-writeups bugbountytips cve cve-2022-0337 cybersecurity exploit hacking payload pentest pentesting red-team security security-writeups writeups

Last synced: 16 Mar 2024