Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/KathanP19/HowToHunt
Collection of methodology and test case for various web vulnerabilities.
bugbounty bugbountytips bughunting-methodology tutorials vulnerability
Last synced: 01 Jul 2024
![](https://github.com/KathanP19.png)
https://github.com/Cyber-Guy1/API-SecurityEmpire
API Security Project aims to present unique attack & defense methods in API Security field
api apisecurity bug-bounty bugbounty bugbountytips cybersec cybersecurity information-security infosec penetration-testing tips
Last synced: 28 Jun 2024
![](https://github.com/Cyber-Guy1.png)
https://github.com/dwisiswant0/cf-check
CloudFlare Checker written in Go
bugbounty bugbounty-tool bugbountytips cloudflare go golang ip-scanner scanner
Last synced: 25 Jun 2024
![](https://github.com/dwisiswant0.png)
https://github.com/edoardottt/missing-cve-nuclei-templates
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
automation bug-bounty bug-hunting bugbounty bugbounty-tool bugbountytips cve cve-scanning hacking nuclei nuclei-engine nuclei-templates penetration-testing pentesting projectdiscovery security security-tools vulnerability-detection vulnerability-scanners
Last synced: 25 Jun 2024
![](https://github.com/edoardottt.png)
https://github.com/random-robbie/bruteforce-lists
Some files for bruteforcing certain things.
bruteforce bugbounty bugbountytips dirbuster
Last synced: 25 Jun 2024
![](https://github.com/random-robbie.png)
https://github.com/dwisiswant0/ppfuzz
A fast tool to scan client-side prototype pollution vulnerability written in Rust. ๐ฆ
bugbounty bugbounty-tool bugbountytips chromium prototype-pollution rust rust-tools security security-tools vulnerability-scanners
Last synced: 25 Jun 2024
![](https://github.com/dwisiswant0.png)
https://github.com/aufzayed/HydraRecon
All In One, Fast, Easy Recon Tool
bugbounty bugbounty-tool bugbountytips crawler hacking hacking-tools information-gathering open-source-intelligence osnit pentest pentest-tools pentesting python recon recon-tools
Last synced: 25 Jun 2024
![](https://github.com/aufzayed.png)
https://github.com/hahwul/WebHackersWeapons
โ๏ธ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
awesome-list bugbounty bugbountytips hacking hacktoberfest scanner security tools webhacking
Last synced: 25 Jun 2024
![](https://github.com/hahwul.png)
https://github.com/j3ssie/metabigor
OSINT tools and more but without API key
asn bug-bounty bugbounty bugbounty-tools bugbountytips infosec ip-osint ip-range osint pentesting recon reconnaissance security security-tools subdomain subdomains
Last synced: 14 Jun 2024
![](https://github.com/j3ssie.png)
https://github.com/AlecBlance/S3BucketList
Chrome extension that lists Amazon S3 Buckets while browsing
amazon-s3 amazon-s3-bucket amazon-web-services bounty-hunters bounty-hunting-tools bug bugbountytips chrome chrome-extension ethical-hacking extensions firefox-extension plugins s3-bucket security security-tools tools
Last synced: 14 Jun 2024
![](https://github.com/AlecBlance.png)
https://github.com/dwisiswant0/findom-xss
A fast DOM based XSS vulnerability scanner with simplicity.
bugbounty bugbountytips findom-xss pentest pentesting xss xss-scanner
Last synced: 14 Jun 2024
![](https://github.com/dwisiswant0.png)
https://github.com/hahwul/XSpear
๐ฑ Powerfull XSS Scanning and Parameter analysis tool&gem
bugbounty bugbountytips gem hacking library pentest ruby scanner scanning-xss selenium tool webhacking xss
Last synced: 14 Jun 2024
![](https://github.com/hahwul.png)
https://github.com/indianajson/can-i-take-over-dns
"Can I take over DNS?" โ a list of DNS providers and how to claim (sub)domains via missing hosted zones
bugbounty bugbountytips dangling-dns dns dns-hijacking dns-takeover domain-takeover hacking hacking-tool infosec nameservers subdomain-takeover takeover-subdomain
Last synced: 12 Jun 2024
![](https://github.com/indianajson.png)
https://github.com/daffainfo/AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
bug bugbounty bugbountytips bypass hacking infosec payload payloads penetration-testing pentest reconnaissance security vulnerability
Last synced: 10 Jun 2024
![](https://github.com/daffainfo.png)
https://github.com/iamthefrogy/nerdbug
Full Nuclei automation script with logic explanation.
application-security appsec automation bugbounty bugbounty-bot bugbountytips nuclei nuclei-templates security-tools
Last synced: 06 Jun 2024
![](https://github.com/iamthefrogy.png)
https://github.com/darklotuskdb/SSTI-XSS-Finder
XSS Finder Via SSTI
bug bugbounty bugbounty-tool bugbountytips dorks hacking ssti tool vulnerability xss
Last synced: 06 Jun 2024
![](https://github.com/darklotuskdb.png)
https://github.com/DreyAnd/DeadDNS
DNS hijacking via dead records automation tool
bugbounty bugbounty-tool bugbountytips bughunting
Last synced: 05 Jun 2024
![](https://github.com/DreyAnd.png)
https://github.com/kabilan1290/grapX
grapX will iterate through the URLs and grep the endpoints with all possible extensions.
automation bugbounty bugbounty-tool bugbountytips cybersecurity opensource python python-script security-automation security-vulnerability
Last synced: 05 Jun 2024
![](https://github.com/kabilan1290.png)
https://github.com/nullt3r/rapiddns
Rapidly enumerate subdomains and domains using rapiddns.io.
bugbounty bugbountytips domain-discovery enumeration scanner subdomains-enumeration
Last synced: 05 Jun 2024
![](https://github.com/nullt3r.png)
https://github.com/harsh-bothra/learn365
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
application-security bugbounty bugbountytips community infosec learning pentesting pentesting-tools vulnerabilities
Last synced: 05 Jun 2024
![](https://github.com/harsh-bothra.png)
https://github.com/HolyBugx/HolyTips
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
api api-security bugbounty bugbounty-writeups bugbountytips checklist pentest pentesting security web webapp websecurity writeups
Last synced: 05 Jun 2024
![](https://github.com/HolyBugx.png)
https://github.com/daffainfo/AllAboutBugBounty?tab=readme-ov-file
All about bug bounty (bypasses, payloads, and etc)
bug bugbounty bugbountytips bypass hacking infosec payload payloads penetration-testing pentest reconnaissance security vulnerability
Last synced: 01 Jun 2024
![](https://github.com/daffainfo.png)
https://github.com/dwisiswant0/bounty-targets-alert
It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.
bugbounty bugbountytips bugcrowd federacy hackenproof hackerone intigriti vdp vrp yeswehack
Last synced: 30 May 2024
![](https://github.com/dwisiswant0.png)
https://github.com/samirettali/bounty-notes
My bug bounty notes
bounty-notes bug-bounty bug-bounty-recon bug-bounty-tips bugbounty bugbountytips hacking
Last synced: 24 May 2024
![](https://github.com/samirettali.png)
https://github.com/lohitakshnandan/Bug-Bounty-Dorks
Bug Bounty Dorks
bug-bounty bug-bounty-dorks bugbounty bugbountytips bugbountytricks dorks
Last synced: 19 May 2024
![](https://github.com/lohitakshnandan.png)
https://github.com/trickest/insiders
Archive of Potential Insider Threats
assets bugbounty bugbounty-tool bugbountytips github-recon hacking infosec osint osint-resources osint-tool penetration-testing pentesting recon reconnaissance red-team security security-tools threat-intelligence
Last synced: 19 May 2024
![](https://github.com/trickest.png)
https://github.com/karthi-the-hacker/Gh0stR3c0n
All in one web Recon app
bugbounty bugbounty-tool bugbounty-tools bugbountyautomation bugbountytips webrecon
Last synced: 12 May 2024
![](https://github.com/karthi-the-hacker.png)
https://github.com/hahwul/MobileHackersWeapons
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
android awesome-list bugbounty bugbountytips hacking ios mobilehacks scanner security tools
Last synced: 12 May 2024
![](https://github.com/hahwul.png)
https://github.com/R0X4R/ssrf-tool
An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.
bugbounty bugbounty-tool bugbountytips go ssrf ssrf-tool tools
Last synced: 12 May 2024
![](https://github.com/R0X4R.png)
https://github.com/trickest/mksub
Generate tens of thousands of subdomain combinations in a matter of seconds
bugbounty bugbountytips enumeration infosec infosectools penetration-testing penetration-testing-tools pentesting pentesting-tools recon reconnaissance security security-tools subdomain subdomain-enumeration subdomain-finder subdomain-scanner
Last synced: 07 May 2024
![](https://github.com/trickest.png)
https://github.com/trickest/mkpath
Make URL path combinations using a wordlist
bugbountytips directory-bruteforce enumeration fuzzing penetration-testing penetration-testing-tools pentesting pentesting-tools recon reconnaissance security webappsecurity
Last synced: 07 May 2024
![](https://github.com/trickest.png)
https://github.com/aufzayed/digit
Extract endpoints from specific Git repository for fuzzing
bugbounty bugbounty-tool bugbountytips cybersecurity hacking hacking-tool hacking-tools infosec pentest pentest-scripts pentest-tool pentesting pentesting-tools recon
Last synced: 07 May 2024
![](https://github.com/aufzayed.png)
https://github.com/Viralmaniar/BigBountyRecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
blue-team bugbounty bugbounty-tool bugbountytips cybersecurity offensive-security osint pentest-tool pentesting purple-team purple-teams recon reconnaissance red-team red-teaming
Last synced: 07 May 2024
![](https://github.com/Viralmaniar.png)
https://github.com/taielab/Taie-Bugbounty-killer
ๆๆๅฝๅ ๅคๆผๆดๅนณๅฐๅฟ ๅค็่ชๅจๅๆก้ฑ่ต้ๆๅทง๏ผ็ไบๅนถๅปๅไบๆก้ฑๅฆๅๆฐดใ
bugbounty bugbounty-tool bugbountytips
Last synced: 01 May 2024
![](https://github.com/taielab.png)
https://github.com/inonshk/31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
api-pentest api-security bug-bounty bugbounty bugbountytips infosec pentest security
Last synced: 18 Apr 2024
![](https://github.com/inonshk.png)
https://github.com/dwisiswant0/awesome-oneliner-bugbounty
A collection of awesome one-liner scripts especially for bug bounty tips.
awesome bash bug-bounty bugbounty bugbountytips hacktoberfest liner-scripts one-liners recon
Last synced: 12 Apr 2024
![](https://github.com/dwisiswant0.png)
https://github.com/insightglacier/Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. ๆธ้ๆต่ฏใSRCๆผๆดๆๆใ็็ ดใFuzzing็ญๅญๅ ธๆถ้้กน็ฎใ
bruteforce bugbounty bugbountytips bughunting-methodology database dictionary dns fingerprint fuzzing iot-security password payloads pentest pentesting rce regex-pattern spring-boot subdomain websecurity wifi
Last synced: 12 Apr 2024
![](https://github.com/insightglacier.png)
https://github.com/Neelakandan-A/BugBounty_CheatSheet
BugBounty_CheatSheet
bugbounty-tool bugbounty-writeups bugbountytips bugbountytricks
Last synced: 12 Apr 2024
![](https://github.com/Neelakandan-A.png)
https://github.com/gwen001/bugbountytips
Webapp to search tips on Twitter through #bugbountytips
bugbounty bugbountytips hashtag pentesting php security twitter
Last synced: 12 Apr 2024
![](https://github.com/gwen001.png)
https://github.com/R0X4R/Garud
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
assetfinder bash-script bugbounty bugbounty-tool bugbountytips garud gf-patterns golang penetration-testing penetration-testing-tools reconnaissance subdomain-takeover vulnerability vulnerability-scanner
Last synced: 10 Apr 2024
![](https://github.com/R0X4R.png)
https://github.com/serain/bbrecon
Python library and CLI for the Bug Bounty Recon API
bug-bounty-recon bugbounty bugbountytips bugcrowd cybersecurity federacy hackenproof hackerone hacking osint recon security web-security yeswehack
Last synced: 10 Apr 2024
![](https://github.com/serain.png)
https://github.com/e1abrador/sub.Monitor
Self-hosted passive subdomain continous monitoring tool.
attack-surface-management bug-bounty bugbounty bugbounty-tools bugbountytips infosec monitoring-tool python python3 red-team-tools security subdomain-enumeration subdomain-scanner
Last synced: 08 Apr 2024
![](https://github.com/e1abrador.png)
https://github.com/dwisiswant0/wadl-dumper
Dump all available paths and/or endpoints on WADL file.
bugbounty bugbounty-tool bugbountytips go golang wadl xml xml-parser
Last synced: 06 Apr 2024
![](https://github.com/dwisiswant0.png)
https://github.com/gwen001/pentest-tools
A collection of custom security tools for quick needs.
audit bash bugbounty bugbountytips enumeration hacking nmap pentesting php python recon sectools security security-tools
Last synced: 05 Apr 2024
![](https://github.com/gwen001.png)
https://github.com/devanshbatham/Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
bugbounty bugbounty-blogs bugbounty-facebook bugbounty-writeups bugbounty-yahoo bugbountytips bughunting bughunting-methodology bughunting-writeups security-writeups
Last synced: 26 Mar 2024
![](https://github.com/devanshbatham.png)
https://github.com/aydinnyunus/PassDetective
PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of sensitive information in your command history.
bash bugbounty bugbounty-tool bugbountytips golang hacking kali kali-linux kali-linux-hacking linux red-team security security-tools shell shell-script zsh
Last synced: 17 Mar 2024
![](https://github.com/aydinnyunus.png)
https://github.com/0xmaximus/Galaxy-Bugbounty-Checklist
Tips and Tutorials for Bug Bounty and also Penetration Tests.
bug bugbounty bugbounty-checklist bugbounty-reports bugbounty-tool bugbountytips bugbountytricks bugcrowd bugs ethical-hacker ethical-hacking hackerone red-team red-teaming vulnerabilities vulnerability
Last synced: 17 Mar 2024
![](https://github.com/0xmaximus.png)
https://github.com/lutfumertceylan/top25-parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. ๐ก๏ธโ๏ธ๐ง
bugbounty bugbountytips infosec pentest-tool pentesting security vulnerability-detection vulnerability-research xss-detection
Last synced: 17 Mar 2024
![](https://github.com/lutfumertceylan.png)
https://github.com/hash3liZer/Subrake
๐ A DNS automated scanner and tool ๐ฑ๏ธ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).
bugbountytips dns-takeover reconnaissance subdomain-bruteforcing subdomain-enumeration subdomain-scanner subdomain-takeover zone-takeover zone-transfers
Last synced: 16 Mar 2024
![](https://github.com/hash3liZer.png)
https://github.com/Puliczek/CVE-2021-21123-PoC-Google-Chrome
๐ฑโ๐ป ๐ Google Chrome - File System Access API - vulnerabilities reported by Maciej Pulikowski | Total Bug Bounty Reward: $5.000 | CVE-2021-21123 and 5 more...
bugbounty bugbounty-writeups bugbountytips cve cybersecurity exploit hacking payload pentesing pentest red-team security security-writeups writeups
Last synced: 16 Mar 2024
![](https://github.com/Puliczek.png)
https://github.com/Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera
๐ฉ ๐ค๐ป [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337
bugbounty bugbounty-writeups bugbountytips cve cve-2022-0337 cybersecurity exploit hacking payload pentest pentesting red-team security security-writeups writeups
Last synced: 16 Mar 2024
![](https://github.com/Puliczek.png)