Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Bug Bounty

A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.

GitHub: https://github.com/topics/bugbounty
Wikipedia: https://en.wikipedia.org/wiki/Bug_bounty_program
Related Topics: security,penetration-testing,pentesting,pentest,
Aliases: bug-bounty,
Last updated: 2025-02-11 00:04:11 UTC
JSON Representation

https://github.com/4m3rr0r/gitversionhashsearch

GitVersionHashSearch is a bash script designed for bug bounty hunters, CTF participants, and red team operations. It allows you to search for specific patterns in the MD5 hashes of all versions of a file in a Git repository, making it a valuable tool for security assessments and exploit development.

bugbounty ctf gitversion gitversionhashsearch red-team

Last synced: 03 Feb 2025

https://github.com/palanioffcl/CTFation

I made this for my personal use to automate things like enumeration and all other stuffs to reduce time in recon and helps to claim first blood. ⛳ 😀

automation bash-script bugbounty ctf hacking linux penetration-testing pentesting

Last synced: 23 Oct 2024

https://github.com/mathis2001/jsembed

Simple Python tool to embed JavaScript code in different types of files (pdf and svg for now)

bugbounty fileupload javascript pdf pentest svg xss

Last synced: 09 Jan 2025

https://github.com/johnsaigle/hacking-toolkit

A collection of hacking utilities. Useful for CTFs and bug bounties.

bugbounty ctf-tools hacking penetration-testing

Last synced: 16 Jan 2025

https://github.com/GabrielCS0/security-trails

This is a tool to automate the search for subdomains on the website securitytrails.com

bugbounty pentesting python recon subdomains

Last synced: 23 Oct 2024

https://github.com/rix4uni/backupx

BackupX - Finding backup files using ffuf

backup backup-files backupx bugbounty ffuf wordlist

Last synced: 07 Feb 2025

https://github.com/carloocchiena/subdomain_scanner

A simple script that ping up to 10K most common subdomains in a target website and returns a list of finding.

bugbounty networking scanner vulnerability-scanners

Last synced: 26 Jan 2025

https://github.com/farinap5/headerparsing

Web Header Dump For Parsing

bugbounty header header-dump pentesting webpwn

Last synced: 21 Jan 2025

https://github.com/hunthubspace/bb-bugbountybash

This repository contains a collection of custom Bash functions designed to streamline and enhance the bug bounty hunting process.

automation bash-scripting bugbounty penetration-testing penetration-testing-tools

Last synced: 31 Jan 2025

https://github.com/macmod/forever

A simple tool that generates SSH command-line arguments to forward local addresses to multiple remote targets.

bugbounty pentest port-forwarding redteam ssh tools

Last synced: 01 Feb 2025

https://github.com/D0N-B0T/scripts

short Scripts i use for bugbounty and others.

bugbounty script

Last synced: 23 Oct 2024

https://github.com/rix4uni/gosqli

gosqli is a fast and simple tool for detecting blind SQL injection vulnerabilities. It supports scanning URLs with custom payloads, parallel requests, and response time-based verification.

bug-bounty bugbounty bugbountytips hacking infosec osint osint-resources osint-tool penetration-testing pentest-tool pentesting recon reconnaissance security security-tools sql-injection sqli threat-intelligence

Last synced: 07 Feb 2025

https://github.com/rix4uni/jscrawler

Fetches javascript file from a list of URLS or subdomains.

bugbounty hacking javascript pentesting recon reconnaissance urls

Last synced: 07 Feb 2025

https://github.com/mamad-1999/google-dorker

Simple Google Dork Generator for Cybersecurity

bug-bounty bugbounty cybersecurity dork dorker google-dorks googledork osint security

Last synced: 30 Jan 2025

https://github.com/mathis2001/EzComments

EzComments is a tool allowing you to get all html and js comments of each url given to him

bugbounty comments pentest recon

Last synced: 23 Oct 2024

https://github.com/y-mo4n1ngst3r/y-mo4n1ngst3r

Config files for my GitHub profile.

assembly bugbounty bugbounty-tool bugbounty-tools config cpp20 ctf ctf-challenges cyber-threat-intelligence cybersecurity github-config golang offensive-security pentesting redteaming

Last synced: 26 Jan 2025

https://github.com/it-jhack/subtaker

A tool to help find subdomain takeover vulnerabilities

bug-bounty bugbounty enumeration hacking infosec osint penetration-testing pentesting python recon reconnaissance subdomain subdomain-takeover

Last synced: 12 Jan 2025

https://github.com/cak/foot

Foot is a library that fetches a list of URLs and silly walks through each site to gather information.

bugbounty crawler scraping

Last synced: 14 Jan 2025

https://github.com/supreme-snaze/permutations

A local easy-to-use password manager written in python with multiple User Interfaces

audio-separation bugbounty combinations cupp deep-learning dns domains hacking pentest-tool permutation-algorithms permutation-invariant-training permutations phishing pytorch

Last synced: 22 Jan 2025

https://github.com/RandomRobbieBF/grafana-bruteforce

Grafana Bruteforce tool

brute-force bugbounty grafana red-team

Last synced: 23 Oct 2024

https://github.com/session-x/gitvulnexplorer

GitVulnExplorer is a tool for ethical hackers and bug bounty hunters to scan GitHub repositories for vulnerabilities using Google and GitHub dorks. It helps identify sensitive files, exposed credentials, and misconfigurations, making it easier to find and report security issues.

automationbugbounty bugbounty bugbountytools dorks dorksgithub github gitvulnexplorer gitvulnexplorerhacking hacking

Last synced: 24 Jan 2025

https://github.com/gwen001/10degres_hugo

http://10degres.net

blog bugbounty bugbountytips bugbountytools hugo pentesting sectools security security-tools

Last synced: 04 Jan 2025

https://github.com/emrekybs/web-auditchain

Automated script for advanced web security reconnaissance and enumeration, integrating popular tools to streamline the information gathering phase

bash bugbounty enumeration information-extraction information-gathering owasp reconnaissance websecurity

Last synced: 19 Jan 2025

https://github.com/codeb0ss/CVE-2023-3836

0day bugbounty codeb0ss codeboss cve cve-2023-3836 exploit exploiter hackerone uncodeboss webshell

Last synced: 23 Oct 2024

https://github.com/hunthubspace/cve-2024-3105-poc

A PoC Exploit for CVE-2024-3105 - The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress Remote Code Execution (RCE)

bugbounty cve cve-2024-3105 ethical-hacking exploit penetration-testing web

Last synced: 31 Jan 2025

https://github.com/lucabarile/zdi-can-16318

Exploits and reports for CVE-2023-32162

0-day 0day bugbounty cve-2023-32162 disclosure elevation-of-privilege exploit local-privilege-escalation logical-vulnerability lpe poc privilege-escalation proof-of-concept vulnerability wacom wacom-driver wacom-vulnerability write-up writeups zdi-can-16318

Last synced: 31 Dec 2024

https://github.com/y-mo4n1ngst3r/evillan

A tool for create encoded payloads and test them on targets

bugbounty bugbounty-tools cybersecurity hacking-tool offensive-security pentesting

Last synced: 09 Feb 2025

https://github.com/luis8456/minesweeper

A classic Minesweeper implementation built with HTML, CSS, and JavaScript. Features multilingual support, modular code, and a clean UI. Perfect for learning game development and refactoring practices. Play, explore, and contribute! 🚀

blacklist blacklist-extension bugbounty burpsuite coinhive cryptojacking game hacking java minesweeper-game mvi roboelectric room-database windows