Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Bug Bounty
A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
- GitHub: https://github.com/topics/bugbounty
- Wikipedia: https://en.wikipedia.org/wiki/Bug_bounty_program
- Related Topics: security,penetration-testing,pentesting,pentest,
- Aliases: bug-bounty,
- Last updated: 2024-11-14 00:03:15 UTC
- JSON Representation
https://swisskyrepo.github.io/PayloadsAllTheThings/
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
bounty bugbounty bypass cheatsheet enumeration hacking hacktoberfest methodology payload payloads penetration-testing pentest privilege-escalation redteam security vulnerability web-application
Last synced: 05 Aug 2024
https://github.com/swisskyrepo/payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
bounty bugbounty bypass cheatsheet enumeration hacking hacktoberfest methodology payload payloads penetration-testing pentest privilege-escalation redteam security vulnerability web-application
Last synced: 28 Oct 2024
https://github.com/swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
bounty bugbounty bypass cheatsheet enumeration hacking hacktoberfest methodology payload payloads penetration-testing pentest privilege-escalation redteam security vulnerability web-application
Last synced: 26 Oct 2024
https://github.com/maurosoria/dirsearch
Web path scanner
appsec brute bug-bounty bugbounty dirsearch enumeration fuzzer fuzzing hacking hacking-tool infosec penetration-testing pentest-tool pentesting python red-teaming redteam scanner security wordlist
Last synced: 28 Oct 2024
https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
bug-bounty bug-bounty-hunters bugbounty education hackers hacking learn2hack pentest ssrf web-security xss
Last synced: 31 Oct 2024
https://github.com/nahamsec/resources-for-beginner-bug-bounty-hunters
A list of resources for those interested in getting started in bug bounties
bug-bounty bug-bounty-hunters bugbounty education hackers hacking learn2hack pentest ssrf web-security xss
Last synced: 15 Oct 2024
https://github.com/subfinder/subfinder
Fast passive subdomain enumeration tool.
bugbounty hacking osint reconnaissance subdomain-enumeration subdomains
Last synced: 25 Oct 2024
https://github.com/projectdiscovery/subfinder
Fast passive subdomain enumeration tool.
bugbounty hacking osint reconnaissance subdomain-enumeration subdomains
Last synced: 29 Oct 2024
https://github.com/shmilylty/OneForAll
OneForAll是一款功能强大的子域收集工具
altname bugbounty content-security-policy crossdomainxml information-gathering nsec oneforall osint pentest-tool python recon subdomain subdomain-bruteforcing subdomain-collection subdomain-crawler subdomain-enumeration subdomain-scanner subdomain-takeover subdomian-find zone-transfers
Last synced: 05 Nov 2024
https://github.com/shmilylty/oneforall
OneForAll是一款功能强大的子域收集工具
altname bugbounty content-security-policy crossdomainxml information-gathering nsec oneforall osint pentest-tool python recon subdomain subdomain-bruteforcing subdomain-collection subdomain-crawler subdomain-enumeration subdomain-scanner subdomain-takeover subdomian-find zone-transfers
Last synced: 03 Nov 2024
https://github.com/projectdiscovery/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
bugbounty exploit-development exploits fingerprint hacktoberfest nuclei nuclei-checks nuclei-templates security vulnerability-detection
Last synced: 14 Oct 2024
https://github.com/yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
bug-bounty bugbounty hacking information-gathering infosec osint penetration-testing pentesting recon recon-engine reconnaissance rengine scanner scanner-web scanning security-tools
Last synced: 31 Oct 2024
https://github.com/OWASP/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
application-security appsec best-practices bugbounty guide hacking hacktoberfest owasp penetration-testing pentesting security
Last synced: 01 Nov 2024
https://github.com/projectdiscovery/httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
bugbounty cli cybersecurity hacktoberfest http lib osint pentest-tool pipeline ssl-certificate
Last synced: 13 Nov 2024
https://github.com/owasp/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
application-security appsec best-practices bugbounty guide hacking hacktoberfest owasp penetration-testing pentesting security
Last synced: 15 Oct 2024
https://github.com/payloadbox/xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
bugbounty cross-site-scripting dom-based payload payloads reflected-xss-vulnerabilities self-xss websecurity website-vulnerability xss xss-attacks xss-detection xss-exploitation xss-injection xss-payload xss-payloads xss-poc xss-scanner xss-scanners xss-vulnerability
Last synced: 14 Oct 2024
https://github.com/KathanP19/HowToHunt
Collection of methodology and test case for various web vulnerabilities.
bugbounty bugbountytips bughunting-methodology tutorials vulnerability
Last synced: 27 Oct 2024
https://github.com/kathanp19/howtohunt
Collection of methodology and test case for various web vulnerabilities.
bugbounty bugbountytips bughunting-methodology tutorials vulnerability
Last synced: 14 Oct 2024
https://github.com/dstotijn/hetty
An HTTP toolkit for security research.
bugbounty http infosec mitm pentesting proxy
Last synced: 14 Oct 2024
https://github.com/EdOverflow/bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
bugbounty infosec payloads security
Last synced: 05 Nov 2024
https://github.com/edoverflow/bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
bugbounty infosec payloads security
Last synced: 14 Oct 2024
https://github.com/daffainfo/AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
bug bugbounty bugbountytips bypass hacking infosec payload payloads penetration-testing pentest reconnaissance security vulnerability
Last synced: 06 Nov 2024
https://github.com/daffainfo/allaboutbugbounty
All about bug bounty (bypasses, payloads, and etc)
bug bugbounty bugbountytips bypass hacking infosec payload payloads penetration-testing pentest reconnaissance security vulnerability
Last synced: 31 Oct 2024
https://github.com/six2dez/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
bug-bounty bugbounty dns fuzzing hacking nuclei osint penetration-testing pentest pentest-tool pentesting recon reconnaissance scanner security security-tools subdomain vulnerabilities
Last synced: 31 Oct 2024
https://github.com/ihebski/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
blueteam bugbounty cheatsheet credentials-gathering cybersecurity default-password exploit infosec offensive-security pentest pentesting
Last synced: 03 Nov 2024
https://github.com/GhostTroops/scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
0day attack auto brute-force bugbounty bugbounty-tools golang hacker hacktools nmap nuclei pentest-tool recon security-scanner security-tools ssh tools vulnerabilities-scan vulnerability-detection vulnerability-scanners
Last synced: 31 Oct 2024
https://github.com/ghosttroops/scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
0day attack auto brute-force bugbounty bugbounty-tools golang hacker hacktools nmap nuclei pentest-tool recon security-scanner security-tools ssh tools vulnerabilities-scan vulnerability-detection vulnerability-scanners
Last synced: 15 Oct 2024
https://github.com/hktalent/scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
0day attack auto brute-force bugbounty bugbounty-tools golang hacker hacktools nmap nuclei pentest-tool recon security-scanner security-tools ssh tools vulnerabilities-scan vulnerability-detection vulnerability-scanners
Last synced: 04 Aug 2024
https://github.com/ihebski/defaultcreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
blueteam bugbounty cheatsheet credentials-gathering cybersecurity default-password exploit infosec offensive-security pentest pentesting
Last synced: 29 Oct 2024
https://github.com/j3ssie/Osmedeus
A Workflow Engine for Offensive Security
attack-surface attack-surface-management bug-bounty bugbounty go golang hacking hacking-tool information-gathering osint penetration-testing pentest-tool pentesting reconnaissance scanning security security-tools
Last synced: 24 Oct 2024
https://github.com/j3ssie/osmedeus
A Workflow Engine for Offensive Security
attack-surface attack-surface-management bug-bounty bugbounty go golang hacking hacking-tool information-gathering osint penetration-testing pentest-tool pentesting reconnaissance scanning security security-tools
Last synced: 14 Oct 2024
https://github.com/dwisiswant0/apkleaks
Scanning APK file for URIs, endpoints & secrets.
android-security apk apk-parser bugbounty mobile-security reverse-engineering scanning-apk static-analysis
Last synced: 29 Oct 2024
https://github.com/edoverflow/can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
bugbounty infosec list security subdomain subdomain-takeovers
Last synced: 10 Nov 2024
https://github.com/payloadbox/sql-injection-payload-list
🎯 SQL Injection Payload List
attacker bugbounty hacking injection injection-attacks injection-payloads owasp-top-10 payload payloads security-research sql-inject sql-injection sql-injection-attack sql-injection-attacks sql-injection-exploitation sql-injection-filterer sql-injection-payloads sql-injection-proof sql-injections websecurity
Last synced: 15 Oct 2024
https://github.com/EdOverflow/can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
bugbounty infosec list security subdomain subdomain-takeovers
Last synced: 24 Oct 2024
https://github.com/hakluke/hakrawler
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
bugbounty crawling hacking osint pentesting recon reconnaissance
Last synced: 15 Oct 2024
https://github.com/commixproject/commix
Automated All-in-One OS Command Injection Exploitation Tool.
bugbounty command-injection commix detection exploitation open-source pentesting python takeover vulnerability-scanner
Last synced: 15 Oct 2024
https://github.com/blacklanternsecurity/bbot
A recursive internet scanner for hackers.
asm attack-surface-management automation bugbounty cli command-line-tool hacking neo4j osint osint-framework pentesting python recon recursion scanner security-tools subdomain-enumeration subdomain-scanner subdomains
Last synced: 29 Oct 2024
https://github.com/hahwul/dalfox
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
bugbounty bugbounty-tool cicd-pipeline devsecops golang hacktoberfest security vulnerability xss xss-bruteforce xss-detection xss-exploit xss-scanner
Last synced: 29 Oct 2024
https://github.com/1N3/IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
attack bugbounty burpsuite burpsuite-engagement burpsuite-intruder fuzz fuzz-lists fuzzing injection intruder payloads sql-injection
Last synced: 24 Oct 2024
https://github.com/1n3/intruderpayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
attack bugbounty burpsuite burpsuite-engagement burpsuite-intruder fuzz fuzz-lists fuzzing injection intruder payloads sql-injection
Last synced: 14 Oct 2024
https://github.com/Findomain/Findomain
The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.
bugbounty dns osint subdomains
Last synced: 30 Oct 2024
https://github.com/findomain/findomain
The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.
bugbounty dns osint subdomains
Last synced: 15 Oct 2024
https://github.com/edu4rdshl/findomain
The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.
bugbounty dns osint subdomains
Last synced: 11 Aug 2024
https://github.com/antonio-morales/Fuzzing101
An step by step fuzzing tutorial. A GitHub Security Lab initiative
afl afl-fuzz bug-hunting bugbounty education fuzz-testing fuzzer fuzzilli fuzzing hacking security testing vulnerabilities
Last synced: 02 Nov 2024
https://github.com/gwen001/pentest-tools
A collection of custom security tools for quick needs.
audit bash bugbounty bugbountytips enumeration hacking nmap pentesting php python recon sectools security security-tools
Last synced: 15 Oct 2024
https://github.com/codingo/NoSQLMap
Automated NoSQL database enumeration and web application exploitation tool.
bugbounty couchdb databases enumeration hacking hacking-tool hacktoberfest mongodb mongodb-database nosql nosql-databases offensive-security penetration-testing redis scanner security-audit security-tools security-toolset sql-injection web-application-security
Last synced: 31 Oct 2024
https://github.com/codingo/nosqlmap
Automated NoSQL database enumeration and web application exploitation tool.
bugbounty couchdb databases enumeration hacking hacking-tool hacktoberfest mongodb mongodb-database nosql nosql-databases offensive-security penetration-testing redis scanner security-audit security-tools security-toolset sql-injection web-application-security
Last synced: 10 Oct 2024
https://github.com/jonaslejon/malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
bugbounty bugbounty-tool pdf pdf-generation penetration-test penetration-testing penetrationtesting pentesting pentesting-tools python redteam redteaming scanner
Last synced: 15 Oct 2024
https://github.com/opsdisk/pagodo
pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching
bugbounty dork ghdb google google-dork google-dorks google-hacking-database osint osint-python python yagooglesearch
Last synced: 09 Oct 2024
https://github.com/payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
application application-security bugbounty command command-injection injection linux macos os os-injection payload payload-list security security-research security-testing security-vulnerability unix vulnerability vulnerability-research windows
Last synced: 14 Oct 2024
https://github.com/six2dez/OneListForAll
Rockyou for web fuzzing
bugbounty fuzzing hacking pentesting web-fuzzing wordlist wordlists
Last synced: 03 Nov 2024
https://github.com/devanshbatham/ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
bugbounty content-discovery fuzzing osint parameter parameter-finder urls-parameters
Last synced: 03 Nov 2024
https://github.com/devanshbatham/paramspider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
bugbounty content-discovery fuzzing osint parameter parameter-finder urls-parameters
Last synced: 15 Oct 2024
https://github.com/antonio-morales/fuzzing101
An step by step fuzzing tutorial. A GitHub Security Lab initiative
afl afl-fuzz bug-hunting bugbounty education fuzz-testing fuzzer fuzzilli fuzzing hacking security testing vulnerabilities
Last synced: 15 Oct 2024
https://github.com/Voorivex/pentest-guide
Penetration tests guide based on OWASP including test cases, resources and examples.
bugbounty bypass owasp-tests payload penetration-testing pentest vulnerability writeup
Last synced: 24 Oct 2024
https://github.com/voorivex/pentest-guide
Penetration tests guide based on OWASP including test cases, resources and examples.
bugbounty bypass owasp-tests payload penetration-testing pentest vulnerability writeup
Last synced: 14 Oct 2024
https://github.com/az0x7/vulnerability-checklist
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
bugbounty security sqlinjection vulnerability vulnerability-checklist web-vulnerability
Last synced: 14 Oct 2024
https://github.com/projectdiscovery/uncover
Quickly discover exposed hosts on the internet using multiple search engines.
asm attack-surface bugbounty cli osint recon reconnaissance
Last synced: 29 Oct 2024
https://github.com/gh0stkey/web-fuzzing-box
Web Fuzzing Box - Web 模糊测试字典与一些Payloads
bugbounty fuzz fuzzing hacking penetration-testing pentesting
Last synced: 15 Oct 2024
https://github.com/inonshk/31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
api-pentest api-security bug-bounty bugbounty bugbountytips infosec pentest security
Last synced: 26 Oct 2024
https://github.com/jaeles-project/jaeles
The Swiss Army knife for automated Web Application Testing
bugbounty golang hacking infosec jaeles scanner security-tools vulnerabilities web-scanner
Last synced: 15 Oct 2024
https://github.com/gh0stkey/Web-Fuzzing-Box
Web Fuzzing Box - Web 模糊测试字典与一些Payloads
bugbounty fuzz fuzzing hacking penetration-testing pentesting
Last synced: 04 Aug 2024
https://github.com/hisxo/gitGraber
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
bugbounty leaks monitor osint realtime redteam security-automation security-tools
Last synced: 01 Nov 2024
https://github.com/hisxo/gitgraber
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
bugbounty leaks monitor osint realtime redteam security-automation security-tools
Last synced: 15 Oct 2024
https://github.com/screetsec/Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
bash bugbounty bugcrowd collected-subdomains enumeration framework hackerone httprobe kali kali-linux pentesting recon-subdomain reconnaissance scanner subdomain-enumeration subdomain-finder subdomain-scanner subfinder sublist3r
Last synced: 08 Nov 2024
https://github.com/screetsec/sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
bash bugbounty bugcrowd collected-subdomains enumeration framework hackerone httprobe kali kali-linux pentesting recon-subdomain reconnaissance scanner subdomain-enumeration subdomain-finder subdomain-scanner subfinder sublist3r
Last synced: 15 Oct 2024
https://github.com/Screetsec/Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
bash bugbounty bugcrowd collected-subdomains enumeration framework hackerone httprobe kali kali-linux pentesting recon-subdomain reconnaissance scanner subdomain-enumeration subdomain-finder subdomain-scanner subfinder sublist3r
Last synced: 24 Oct 2024
https://github.com/1N3/BruteX
Automatically brute force all services running on a target.
brute brute-force bruteforce bruteforce-attacks bruteforcing bugbounty hacking
Last synced: 30 Oct 2024
https://github.com/1n3/brutex
Automatically brute force all services running on a target.
brute brute-force bruteforce bruteforce-attacks bruteforcing bugbounty hacking
Last synced: 14 Oct 2024
https://github.com/terjanq/Tiny-XSS-Payloads
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
bugbounty ctf html javascript payloads xss
Last synced: 05 Nov 2024
https://github.com/terjanq/tiny-xss-payloads
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
bugbounty ctf html javascript payloads xss
Last synced: 14 Oct 2024
https://github.com/insightglacier/dictionary-of-pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
bruteforce bugbounty bugbountytips bughunting-methodology database dictionary dns fingerprint fuzzing iot-security password payloads pentest pentesting rce regex-pattern spring-boot subdomain websecurity wifi
Last synced: 14 Oct 2024
https://github.com/ssl/ezXSS
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
alert blind blind-xss bug bugbounty easy easy-to-use payload penetration-testing php redteam redteaming test xss xss-attacks xss-detection xss-exploitation xss-injection xss-scanner xss-vulnerability
Last synced: 03 Nov 2024
https://github.com/ssl/ezxss
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
alert blind blind-xss bug bugbounty easy easy-to-use payload penetration-testing php redteam redteaming test xss xss-attacks xss-detection xss-exploitation xss-injection xss-scanner xss-vulnerability
Last synced: 15 Oct 2024
https://github.com/haccer/subjack
Subdomain Takeover tool written in Go
bug-bounty bugbounty go golang hostile infosec pentesting security subdomain subdomain-takeover takeover
Last synced: 26 Sep 2024
https://github.com/insightglacier/Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
bruteforce bugbounty bugbountytips bughunting-methodology database dictionary dns fingerprint fuzzing iot-security password payloads pentest pentesting rce regex-pattern spring-boot subdomain websecurity wifi
Last synced: 04 Aug 2024
https://github.com/Impact-I/reFlutter
Flutter Reverse Engineering Framework
bugbounty mobile-security reverse-engineering ssl-pinning
Last synced: 30 Oct 2024
https://github.com/HolyBugx/HolyTips
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
api api-security bugbounty bugbounty-writeups bugbountytips checklist pentest pentesting security web webapp websecurity writeups
Last synced: 04 Aug 2024
https://github.com/nsonaniya2010/subdomainizer
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
bug-bounty bugbounty cloud-storage-services external-javascripts find-secrets find-subdomains madeinindia python3 s3-bucket s3-buckets secretfinder secrets security security-automation security-tools subdomain-enumeration subdomain-scanner
Last synced: 15 Oct 2024
https://github.com/nsonaniya2010/SubDomainizer
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
bug-bounty bugbounty cloud-storage-services external-javascripts find-secrets find-subdomains madeinindia python3 s3-bucket s3-buckets secretfinder secrets security security-automation security-tools subdomain-enumeration subdomain-scanner
Last synced: 28 Oct 2024
https://github.com/lutfumertceylan/top25-parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
bugbounty bugbountytips infosec pentest-tool pentesting security vulnerability-detection vulnerability-research xss-detection
Last synced: 14 Oct 2024
https://github.com/d3mondev/puredns
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
bugbounty dns dns-bruteforcer dns-lookup dns-resolution dns-resolver hacking massdns recon subdomain subdomain-bruteforcing
Last synced: 14 Oct 2024
https://github.com/wagiro/burpbounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
bug-bounty bugbounty burp-extensions burpsuite vulnerability-detection vulnerability-scanner
Last synced: 03 Nov 2024
https://github.com/wagiro/BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
bug-bounty bugbounty burp-extensions burpsuite vulnerability-detection vulnerability-scanner
Last synced: 01 Nov 2024
https://github.com/Sh1Yo/x8
Hidden parameters discovery suite
bugbounty content-discovery recon rust security web
Last synced: 31 Oct 2024
https://github.com/1N3/Findsploit
Find exploits in local and online databases instantly
bugbounty exploitdb exploits find hackers metasploit nmap pentest search
Last synced: 30 Oct 2024
https://github.com/0xradi/owasp-web-checklist
OWASP Web Application Security Testing Checklist
bugbounty checklist owasp security security-tools security-vulnerability testing
Last synced: 03 Nov 2024
https://github.com/0xRadi/OWASP-Web-Checklist
OWASP Web Application Security Testing Checklist
bugbounty checklist owasp security security-tools security-vulnerability testing
Last synced: 26 Oct 2024
https://github.com/1n3/findsploit
Find exploits in local and online databases instantly
bugbounty exploitdb exploits find hackers metasploit nmap pentest search
Last synced: 29 Oct 2024
https://github.com/metlo-labs/metlo
Metlo is an open-source API security platform.
api-gateway api-pentest api-security application-security aws bugbounty bugbounty-tools cybersecurity infosec infosectools metlo monitoring pentest security vulnerabilities vulnerability-detection
Last synced: 15 Oct 2024
https://github.com/harsh-bothra/learn365
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
application-security bugbounty bugbountytips community infosec learning pentesting pentesting-tools vulnerabilities
Last synced: 14 Oct 2024
https://github.com/1N3/BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
active application automated bugbounty csrf fuzzer lfi osint owasp passive python rce rfi scan scanner spider sqli vulnerability web xss
Last synced: 01 Nov 2024
https://github.com/1n3/blackwidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
active application automated bugbounty csrf fuzzer lfi osint owasp passive python rce rfi scan scanner spider sqli vulnerability web xss
Last synced: 15 Oct 2024
https://github.com/edoardottt/cariddi
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
bugbounty crawler crawling endpoint-discovery endpoints go golang hacktoberfest infosec osint penetration-testing pentesting recon reconnaissance redteam scraper secret-keys secrets-detection security security-tools
Last synced: 15 Oct 2024