Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Bug Bounty
A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
- GitHub: https://github.com/topics/bugbounty
- Wikipedia: https://en.wikipedia.org/wiki/Bug_bounty_program
- Related Topics: security,penetration-testing,pentesting,pentest,
- Aliases: bug-bounty,
- Last updated: 2025-02-13 00:04:21 UTC
- JSON Representation
https://github.com/vin-hacks/querywatch
Simple script to detect changes in a GraphQL api where introspection is enabled.
api bash bash-script bugbounty cybersecurity graphql tool
Last synced: 23 Jan 2025
https://github.com/johnsaigle/hacking-toolkit
A collection of hacking utilities. Useful for CTFs and bug bounties.
bugbounty ctf-tools hacking penetration-testing
Last synced: 16 Jan 2025
https://github.com/luis8456/minesweeper
A classic Minesweeper implementation built with HTML, CSS, and JavaScript. Features multilingual support, modular code, and a clean UI. Perfect for learning game development and refactoring practices. Play, explore, and contribute! 🚀
blacklist blacklist-extension bugbounty burpsuite coinhive cryptojacking game hacking java minesweeper-game mvi roboelectric room-database windows
Last synced: 10 Feb 2025
https://github.com/arshadkazmi42/npmdc-poc
NPM Dependency Confusion - PoC
bugbounty confusion dependency infosec npm poc
Last synced: 08 Feb 2025
https://github.com/lucabarile/zdi-can-16318
Exploits and reports for CVE-2023-32162
0-day 0day bugbounty cve-2023-32162 disclosure elevation-of-privilege exploit local-privilege-escalation logical-vulnerability lpe poc privilege-escalation proof-of-concept vulnerability wacom wacom-driver wacom-vulnerability write-up writeups zdi-can-16318
Last synced: 31 Dec 2024
https://github.com/bypasswin/js-monitor
Track JavaScript changes websites. Website bot can detected new API endpoints & more!
api api-change-log bugbounty hacking javascript js js-monitor monitor osint toolkit tools website
Last synced: 11 Feb 2025
https://github.com/4m3rr0r/gitversionhashsearch
GitVersionHashSearch is a bash script designed for bug bounty hunters, CTF participants, and red team operations. It allows you to search for specific patterns in the MD5 hashes of all versions of a file in a Git repository, making it a valuable tool for security assessments and exploit development.
bugbounty ctf gitversion gitversionhashsearch red-team
Last synced: 03 Feb 2025
https://github.com/hoshigakikisame/hostprobe
Host Probe is a Python script that simplifies host discovery using ICMP ping. It enables users to determine the status of a list of IP addresses or domain names, helping identify hosts that are online (UP) or offline (DOWN).
bugbounty cybersecurity prober
Last synced: 07 Jan 2025
https://github.com/supreme-snaze/permutations
A local easy-to-use password manager written in python with multiple User Interfaces
audio-separation bugbounty combinations cupp deep-learning dns domains hacking pentest-tool permutation-algorithms permutation-invariant-training permutations phishing pytorch
Last synced: 22 Jan 2025
https://github.com/dr4ks/natas_labs_solution
Hello, this is repository which has solutions for Natas Labs.
bugbounty cryptography ctf cyber-defense cybersecurity ethical-hacking exploit-development forensics natas-labs-solutions network network-sec penetration-testing security security-tools vulnerability-analysis web-exploitation
Last synced: 24 Dec 2024
https://github.com/hunthubspace/cve-2024-3105-poc
A PoC Exploit for CVE-2024-3105 - The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress Remote Code Execution (RCE)
bugbounty cve cve-2024-3105 ethical-hacking exploit penetration-testing web
Last synced: 31 Jan 2025
https://github.com/rix4uni/nucleihubquery
A bash script that extracts `shodan-query, google-query, censys-query, fofa-query, hunter-query, zoomeye-query` in nucleihub-templates.
bug-bounty bugbounty bugbountytips censys fofa google hacking hunter infosec nuclei nuclei-templates nucleihub-templates osint pentesting recon reconnaissance security security-tools shodan zoomeye
Last synced: 14 Feb 2025
https://github.com/rix4uni/ipfinder
IP Finder tool, ipfinder collects ip address from different sources like Shodan, Zoomeye, Viewdns, dig command, etc.
bug-bounty bugbounty bugbountytips dig hacking infosec osint osint-resources osint-tool penetration-testing pentest-tool pentesting recon reconnaissance security security-tools shodan threat-intelligence viewdns zoomeye
Last synced: 14 Feb 2025
https://github.com/gwen001/10degres_hugo
http://10degres.net
blog bugbounty bugbountytips bugbountytools hugo pentesting sectools security security-tools
Last synced: 04 Jan 2025
https://github.com/session-x/gitvulnexplorer
GitVulnExplorer is a tool for ethical hackers and bug bounty hunters to scan GitHub repositories for vulnerabilities using Google and GitHub dorks. It helps identify sensitive files, exposed credentials, and misconfigurations, making it easier to find and report security issues.
automationbugbounty bugbounty bugbountytools dorks dorksgithub github gitvulnexplorer gitvulnexplorerhacking hacking
Last synced: 24 Jan 2025
https://github.com/mathis2001/jsembed
Simple Python tool to embed JavaScript code in different types of files (pdf and svg for now)
bugbounty fileupload javascript pdf pentest svg xss
Last synced: 09 Jan 2025
https://github.com/D0N-B0T/scripts
short Scripts i use for bugbounty and others.
Last synced: 23 Oct 2024
https://github.com/cak/foot
Foot is a library that fetches a list of URLs and silly walks through each site to gather information.
Last synced: 14 Jan 2025
https://github.com/palanioffcl/CTFation
I made this for my personal use to automate things like enumeration and all other stuffs to reduce time in recon and helps to claim first blood. ⛳ 😀
automation bash-script bugbounty ctf hacking linux penetration-testing pentesting
Last synced: 23 Oct 2024
https://github.com/randomrobbiebf/grafana-bruteforce
Grafana Bruteforce tool
brute-force bugbounty grafana red-team
Last synced: 21 Jan 2025
https://github.com/eagleEggs/bugBounties
Authorized dislosures of bugbounties that have been resolved
bugbounty bugcrowd fitbit penetration-testing security
Last synced: 23 Oct 2024
https://github.com/hackshiv/jsurlextractor
A simple bash script to extract more urls from js endpoints
bugbounty endpoints extractor javascript jsextractor
Last synced: 11 Jan 2025
https://github.com/mathis2001/EzComments
EzComments is a tool allowing you to get all html and js comments of each url given to him
bugbounty comments pentest recon
Last synced: 23 Oct 2024
https://github.com/rodnt/gogetcert
Use transparency logs to get subdomains from certificate
Last synced: 03 Jan 2025
https://github.com/GabrielCS0/security-trails
This is a tool to automate the search for subdomains on the website securitytrails.com
bugbounty pentesting python recon subdomains
Last synced: 23 Oct 2024
https://github.com/prvvv/submapper
A subdomain enumeration tool designed to find WAF's and 404 pages for takeover and enumeration
404 404-page amazon bug-bounty bugbounty cloudflare python3 subdomain-enumeration subdomain-scanner subdomain-takeover waf-detection
Last synced: 12 Jan 2025
https://github.com/mathis2001/ezcomments
EzComments is a tool allowing you to get all html and js comments of each url given to him
bugbounty comments pentest recon
Last synced: 09 Jan 2025
https://github.com/sarperavci/infinitedorkscanner
A premium OSINT tool that allows you to scan dorks on Search Engines WITHOUT LIMITS
bing-dorks bug-bounty bugbounty bugbounty-tool dork dork-scanner dork-scanning dorking-tool google-dork hacking hacking-tool infosec osint python sql sql-injection sqli vulnerability-scanners
Last synced: 06 Jan 2025
https://github.com/emrekybs/web-auditchain
Automated script for advanced web security reconnaissance and enumeration, integrating popular tools to streamline the information gathering phase
bash bugbounty enumeration information-extraction information-gathering owasp reconnaissance websecurity
Last synced: 19 Jan 2025
https://github.com/bonifield/jitt
simple jitter tool
bugbounty jitter jitter-calculation penetration-testing python3
Last synced: 18 Jan 2025
https://github.com/sudosuraj/Dorks
List of Google Dorks for sites that have responsible disclosure program / bug bounty program
bounty bug bugbounty dork dorks google googledorks sudosuraj
Last synced: 23 Oct 2024
https://github.com/carloocchiena/subdomain_scanner
A simple script that ping up to 10K most common subdomains in a target website and returns a list of finding.
bugbounty networking scanner vulnerability-scanners
Last synced: 26 Jan 2025
https://github.com/sysevil/rusho
subdomain tool cli for shodan by Rust lang
bugbounty hacking hacking-tool recon reconnaissance rust rust-lang subdomain-enumeration
Last synced: 09 Feb 2025
https://github.com/jsmoreira02/lfi-hunter
Automated tool to bypass filtering systems and exploit Local File Inclusion, created for Bug Bounty tests and better optimization during the hack (and with special attention to CTFs)
bugbounty ctf-tools cybersecurity hacking-tool lfi-exploitation
Last synced: 19 Jan 2025
https://github.com/mathis2001/lightssticheck
LightSSTICheck is a tool designed to find basic SSTI vulnerabilities
Last synced: 09 Jan 2025
https://github.com/rudsarkar/phar-vulnerability
Code for exploiting phar vulnerability for educational purpose for my Medium blog
bugbounty php phpphar source-code
Last synced: 19 Jan 2025
https://github.com/emrekybs/leaks
bash script to check data leakage on websites
bugbounty discovery leask reconnaissance webpentesting
Last synced: 19 Jan 2025
https://github.com/h3xploit0x1/url-gatherer
Simple Bash Script To Gather URL From Target. Useful For BugBounty.
bugbounty ethical-hacking hacking pentesting tool
Last synced: 15 Jan 2025
https://github.com/shingareom/pentestingtools
This repository contains a collection of tools designed for automating penetration testing, while also being valuable for manual testing. Leveraging these tools can enhance both the efficiency and effectiveness of your security assessments.
bugbounty pentesting-tools webpentest
Last synced: 19 Jan 2025
https://github.com/isanjaymenon/awesome-thm-rooms
Awesome TryHackMe Rooms - WIP ⌛
awesome awesome-lists bugbounty cybersecurity infosec tryhackme tryhackme-roadmap
Last synced: 09 Dec 2024
