Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Bug Bounty

A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.

https://github.com/cbrnrd/lacewing

🦗Your neighborhood bug bounty assistant

bug bugbounty bugcrowd hackerone ruby rubygems

Last synced: 31 Jan 2025

https://github.com/sudosuraj/Dorks

List of Google Dorks for sites that have responsible disclosure program / bug bounty program

bounty bug bugbounty dork dorks google googledorks sudosuraj

Last synced: 23 Oct 2024

https://github.com/mamad-1999/google-dorker

Simple Google Dork Generator for Cybersecurity

bug-bounty bugbounty cybersecurity dork dorker google-dorks googledork osint security

Last synced: 30 Jan 2025

https://github.com/hoshigakikisame/hostprobe

Host Probe is a Python script that simplifies host discovery using ICMP ping. It enables users to determine the status of a list of IP addresses or domain names, helping identify hosts that are online (UP) or offline (DOWN).

bugbounty cybersecurity prober

Last synced: 07 Jan 2025

https://github.com/mathis2001/ezcomments

EzComments is a tool allowing you to get all html and js comments of each url given to him

bugbounty comments pentest recon

Last synced: 09 Jan 2025

https://github.com/hunthubspace/bb-bugbountybash

This repository contains a collection of custom Bash functions designed to streamline and enhance the bug bounty hunting process.

automation bash-scripting bugbounty penetration-testing penetration-testing-tools

Last synced: 31 Jan 2025

https://github.com/macmod/forever

A simple tool that generates SSH command-line arguments to forward local addresses to multiple remote targets.

bugbounty pentest port-forwarding redteam ssh tools

Last synced: 01 Feb 2025

https://github.com/ichbinbork/JS_lookup

Tool that helps javascript source code analysis processes

bugbounty codereview websecurity

Last synced: 23 Oct 2024

https://github.com/codeb0ss/CVE-2023-20073-

Mass Exploit - CVE-2023-20073 - Cisco VPN Routers - [Unauthenticated Arbitrary File Upload and Stored XSS]

0day bug bugbounty cisco codeb0ss codeboss cve cve-2023-20073 exploit hackerone mass mass-exploit uncodeboss vpn-router

Last synced: 23 Oct 2024

https://github.com/sysevil/rusho

subdomain tool cli for shodan by Rust lang

bugbounty hacking hacking-tool recon reconnaissance rust rust-lang subdomain-enumeration

Last synced: 09 Feb 2025

https://github.com/luis8456/minesweeper

A classic Minesweeper implementation built with HTML, CSS, and JavaScript. Features multilingual support, modular code, and a clean UI. Perfect for learning game development and refactoring practices. Play, explore, and contribute! 🚀

blacklist blacklist-extension bugbounty burpsuite coinhive cryptojacking game hacking java minesweeper-game mvi roboelectric room-database windows

Last synced: 10 Feb 2025

https://github.com/rodnt/gogetcert

Use transparency logs to get subdomains from certificate

bugbounty golang subdomain

Last synced: 03 Jan 2025

https://github.com/mathis2001/lightssticheck

LightSSTICheck is a tool designed to find basic SSTI vulnerabilities

bugbounty pentest ssti

Last synced: 09 Jan 2025

https://github.com/h3xploit0x1/url-gatherer

Simple Bash Script To Gather URL From Target. Useful For BugBounty.

bugbounty ethical-hacking hacking pentesting tool

Last synced: 15 Jan 2025

https://github.com/rodnt/dssrecovery

Small tool to parser .DS_Store files

bugbounty dsstore infosec

Last synced: 03 Jan 2025

https://github.com/mathis2001/EzComments

EzComments is a tool allowing you to get all html and js comments of each url given to him

bugbounty comments pentest recon

Last synced: 23 Oct 2024

https://github.com/emrekybs/web-auditchain

Automated script for advanced web security reconnaissance and enumeration, integrating popular tools to streamline the information gathering phase

bash bugbounty enumeration information-extraction information-gathering owasp reconnaissance websecurity

Last synced: 19 Jan 2025

https://github.com/arshadkazmi42/npmdc-poc

NPM Dependency Confusion - PoC

bugbounty confusion dependency infosec npm poc

Last synced: 08 Feb 2025

https://github.com/farinap5/headerparsing

Web Header Dump For Parsing

bugbounty header header-dump pentesting webpwn

Last synced: 21 Jan 2025

https://github.com/GabrielCS0/security-trails

This is a tool to automate the search for subdomains on the website securitytrails.com

bugbounty pentesting python recon subdomains

Last synced: 23 Oct 2024

https://github.com/carloocchiena/subdomain_scanner

A simple script that ping up to 10K most common subdomains in a target website and returns a list of finding.

bugbounty networking scanner vulnerability-scanners

Last synced: 26 Jan 2025

https://github.com/y-mo4n1ngst3r/evillan

A tool for create encoded payloads and test them on targets

bugbounty bugbounty-tools cybersecurity hacking-tool offensive-security pentesting

Last synced: 09 Feb 2025

https://github.com/hackshiv/jsurlextractor

A simple bash script to extract more urls from js endpoints

bugbounty endpoints extractor javascript jsextractor

Last synced: 11 Jan 2025

https://github.com/incogbyte/lazyorigin

Find Origin IP Behind WAFs

bugbounty bugbounty-tool golang infosec pentesting

Last synced: 23 Jan 2025

https://github.com/mathis2001/jsembed

Simple Python tool to embed JavaScript code in different types of files (pdf and svg for now)

bugbounty fileupload javascript pdf pentest svg xss

Last synced: 09 Jan 2025

https://github.com/session-x/gitvulnexplorer

GitVulnExplorer is a tool for ethical hackers and bug bounty hunters to scan GitHub repositories for vulnerabilities using Google and GitHub dorks. It helps identify sensitive files, exposed credentials, and misconfigurations, making it easier to find and report security issues.

automationbugbounty bugbounty bugbountytools dorks dorksgithub github gitvulnexplorer gitvulnexplorerhacking hacking

Last synced: 24 Jan 2025

https://github.com/prvvv/submapper

A subdomain enumeration tool designed to find WAF's and 404 pages for takeover and enumeration

404 404-page amazon bug-bounty bugbounty cloudflare python3 subdomain-enumeration subdomain-scanner subdomain-takeover waf-detection

Last synced: 12 Jan 2025

https://github.com/rtfmkiesel/geopipe

A pipeline tool to filter domains by server location

bugbounty golang maxmind

Last synced: 26 Jan 2025

https://github.com/hunthubspace/cve-2024-3105-poc

A PoC Exploit for CVE-2024-3105 - The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress Remote Code Execution (RCE)

bugbounty cve cve-2024-3105 ethical-hacking exploit penetration-testing web

Last synced: 31 Jan 2025

https://github.com/vin-hacks/querywatch

Simple script to detect changes in a GraphQL api where introspection is enabled.

api bash bash-script bugbounty cybersecurity graphql tool

Last synced: 23 Jan 2025

Bug Bounty Awesome Lists
awesome-hacker-search-engines 510 Awesome-Bugbounty-Writeups 604 awesome-bugbounty-tools 339 WebHackersWeapons 408 awesome-mobile-security 246 awesome-hacking-lists 11,214 awesome-vulnerable-apps 88 MobileHackersWeapons 71 netlas-cookbook 234 awesome-bbht 80 Awesome-OSINT-For-Everything 1,196 awesome-cicd-attacks 82 awesome-cybersec 301 Awesome-HTTPRequestSmuggling 44 awesome-security 57 awesome-oauth-sec 54 awesome-thm-rooms 97
Bug Bounty Categories
Python 3,011 Cross Site Scripting (XSS) 1,929 Others 1,566 Go 1,149 Java 853 Shell 688 JavaScript 630 Uncategorized 538 C 520 Weapons 451 Remote Code Execution (RCE) 446 C# # 428 C++ 388 Subdomain Takeover 316 HTML 259 Android 245 PHP 228 PowerShell 228 Cross Site Request Forgery (CSRF) 187 TypeScript 164