Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Bug Bounty
A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
- GitHub: https://github.com/topics/bugbounty
- Wikipedia: https://en.wikipedia.org/wiki/Bug_bounty_program
- Related Topics: security,penetration-testing,pentesting,pentest,
- Aliases: bug-bounty,
- Last updated: 2024-11-16 00:03:27 UTC
- JSON Representation
https://github.com/machine1337/sqlscan
A small and an efficient tool to find SQL injection vulnerability in a websites.
automation-framework bugbounty bugbounty-tool hacking machine1337 sql sqli sqlinjection
Last synced: 10 Nov 2024
https://github.com/0xpugal/bugbounty_profile
Automate bug bounty recon using bash alias
bash bash-alias bash-profile bugbounty recon reconnaissance
Last synced: 08 Nov 2024
https://github.com/3nock/ote-templates
Community curated list of templates for the OSINT template engine.
attack-surfaces bugbounty fingerprinting osint recon security templates
Last synced: 09 Nov 2024
https://github.com/machine1337/open-redirector
A small and efficient tool to find open redirect vulnerabilities.
bugbounty hacking machine1337 openredirect-scanner vulnerabilities
Last synced: 10 Nov 2024
https://github.com/Traumatism/raycharles
Blind RCE fuzzer
bugbounty command-injection fuzz fuzzer fuzzing hacking injection pwn rce remote-code-execution
Last synced: 23 Oct 2024
https://github.com/gwen001/dnsexpire
Test domain expiration dates.
bugbounty dns domains pentesting php python security-tools subdomains
Last synced: 09 Nov 2024
https://github.com/robotshell/robotscraper
RobotScraper is a simple tool written in Python to check each of the paths found in the robots.txt file and what HTTP response code they return.
bounty-hunting-tools bugbounty hacking infosec python robots scraper tool
Last synced: 08 Nov 2024
https://github.com/cosad3s/salsa
SALSA 💃⚡ - SALesforce Scanner for Aura (and beyond). Enumeration of vulnerabilities and misconfigurations against Salesforce endpoint.
bugbounty hacking salesforce security
Last synced: 29 Oct 2024
https://github.com/enenumxela/ps.sh
A wrapper around tools used for port scanning(nmap, naabu & masscan), the goal being reducing scan time, increasing scan efficiency and automating the workflow.
bashscript bashscripting bug-bounty bugbounty bugbounty-tool enumeration masscan naabu netwok-mapping nmap open-port-check open-port-check-script penetration-testing penetration-testing-tools pentesting port-scaning recon reconnaissance service-discovery
Last synced: 06 Nov 2024
https://github.com/hackshiv/hackbot
A simple hackingbot for terminal usage (Able to learn and adapt from users).
ai bugbounty bugbountytools chatgpt chatgpt4 hacker hacking machine-learning mistral pentest pentesting pentesting-tools python python3 securityresearch securityresearchers simple-project wormgpt
Last synced: 12 Nov 2024
https://github.com/gwen001/gitpillage
Extract data from a .git directory.
bugbounty endpoints git github pentesting python secrets security-tools urls
Last synced: 09 Nov 2024
https://github.com/crypticq/DNS_Enumerator
bugbounty cybersecurity hacking networking pentest-tool pentesting subdomain-enumeration
Last synced: 23 Oct 2024
https://github.com/lucasmartinelle/AnotherVulnerableWebApp
bugbounty dvwa php7 security training vulnerabilities vulnerable web
Last synced: 04 Aug 2024
https://github.com/leakix/leakixclient-python
Python Client to LeakIX API
attack-surface-management bounty bugbounty hacktoberfest infosec leakix osint python redteam security vulnerability
Last synced: 11 Nov 2024
https://github.com/9oelm/atm
A set of AuToMation scripts for hacking.
automation bugbounty hacking infosec script web-hacking
Last synced: 23 Oct 2024
https://github.com/Markdown-Bug-Bounty-Recon/Markdown-Bug-Bounty-Recon
A recon Framework for Bug Bounty Hunters that would convert the output of a script into Markdown syntax document, which would help them to make better notes, have everything in one document, or concentrating on one domain.md document.
bug-bounty bugbounty security security-tools
Last synced: 04 Aug 2024
https://github.com/DEMON1A/Blinder
A script written in python3 to spread blind cross-site scripting payloads on HTTP requests headers
automation blinder bugbounty bugbounty-tool python3 ssti tool xss xsshunter
Last synced: 04 Aug 2024
https://github.com/fasalmbt/reconme
Recon tool
automation bugbounty recon recontool
Last synced: 04 Aug 2024
https://github.com/machine1337/hackguard
FAST WEB APPLICATION VULNERABILITY SCANNER written in python3
bugbounty cybersecurity hacking machine1337 penetration sql-injection vulnerability-detection vulnerability-scanners web-application-fr web-application-scan web-scanning
Last synced: 10 Nov 2024
https://github.com/topscoder/nuclei-zero-day
This repository contains random Nuclei templates I've created. Most of them based on recent security issues and exploits.
bugbounty infosec nuclei nuclei-templates security
Last synced: 13 Nov 2024
https://github.com/c-f/lel
Visualization layer and helper for relevant IT related documentation and operation
bugbounty documentation-tool golang graph lel logger react redteam-infrastructure
Last synced: 04 Aug 2024
https://github.com/krishpranav/sniff
A Simple Golang Tool That Automates OSINT For Threat Intelligence And Mapping Your Attack Surface.
attack attack-defense attack-surface attack-surfaces bugbounty go golang recon reconnaissance scanner security web-security
Last synced: 15 Oct 2024
https://github.com/machine1337/lfiscan
A small and fast bash script to automate LFI vulnerability.
bugbounty hacking lfi lfi-exploitation machine1337 shell
Last synced: 10 Nov 2024
https://github.com/stackoverflowexcept1on/how-to-hack-github-actions
How to hack Github Actions if you're smart enough; I'm not gay but 500$ is 500$!
bugbounty cpp20 hackerone-reports hacking
Last synced: 12 Nov 2024
https://github.com/0xdln1/getlevels
Tool for sorting different Level of subdomains form 1...N
bugbounty getlevels infosec python subdomain-enumeration subdomainlist subdomains
Last synced: 04 Aug 2024
https://github.com/mrlew1s/SubdomainTakeover
Small python or powershell script to look for potential subdomain takeover vulnerabilities via vulnerable Alias.
bugbounty offensive offensive-security pentest-scripts pentest-tool powershell python3 security security-tools subdomain subdomain-takeover takeover takeover-subdomain vulnerabilities vulnerability vulnerability-detection vulnerability-scanners
Last synced: 04 Aug 2024
https://github.com/mathis2001/files-upload
Some useful files for upload features pentesting
bugbounty file-upload pentest pentesting php svg webshell
Last synced: 11 Nov 2024
https://github.com/robotshell/robotScraper
RobotScraper is a simple tool written in Python to check each of the paths found in the robots.txt file and what HTTP response code they return.
bounty-hunting-tools bugbounty hacking infosec python robots scraper tool
Last synced: 04 Aug 2024
https://github.com/umair9747/seize
A Command-line Utility written in Go for generating images of your CLI output using stdin
automation bugbounty cli command-line command-line-tool cybersecurity golang hacking linux programming
Last synced: 09 Nov 2024
https://github.com/terjanq/xss-challenge-solutions
This repository is an interactive collection of my solutions to various XSS challenges.
bugbounty ctf-challenges ctf-writeups javascript xss-challenges
Last synced: 13 Nov 2024
https://github.com/indiancybertroops/Web-See
Web-See is Tool For Checkout Status Of Urls in Mass Its For Bug Bounty Hunters And Black Hat Hackers It Will Save Your Valuable Time Script is Designed By Indian Cyber Troops
200 202 301 302 400 404 500 bugbounty bugbountyrecon defacing domain-checker ict icttools indiancybertroops indianhacker status-checker web-see webstatus
Last synced: 23 Oct 2024
https://github.com/gwen001/shottheworld
PHP tool that takes screenshots of a given ips/ports combo list and then try to guess the service.
bugbounty ips pentesting php ports security-tools socket
Last synced: 09 Nov 2024
https://github.com/machine1337/jsscanner
An Efficent tool to find juicy secrets in javascript source code. Automate Your Javascript hunting using this tool.
bugbounty bugbounty-tool hackerone hacking javascript-recon jsscanner machine1337 reconn
Last synced: 10 Nov 2024
https://github.com/hueristiq/xurlbits
A CLI utility to pull out bits of URLs.
bugbounty go golang infosec parser reconnaissance url url-parsing
Last synced: 06 Nov 2024
https://github.com/edoverflow/bounty-pls
A Chrome extension that spices up those #togetherwehitharder tweets.
Last synced: 10 Nov 2024
https://github.com/Zarcolio/1pfuscat0r
A tool to automatically generate alternative IP representations, a rewritten version of IPFuscator
bugbounty ctf hacking ip-address obfuscation obfuscator
Last synced: 04 Aug 2024
https://github.com/h0x0er/andromanifest
AndroidManifest.xml parser written in go
android android-manifest androidsecurity bugbounty golang mobile security-tools
Last synced: 23 Oct 2024
https://github.com/random-robbie/selenium-abuser
Abuse Open Selenium Gird or Node to get access to metadata endpoint.
bugbounty hacker iam-credentials iam-role selenium selenium-grid selenium-python
Last synced: 09 Nov 2024
https://github.com/momenbasel/liffier
tired of manually add dot-dot-slash to your possible path traversal? this short snippet will increment ../ on the URL.
bugbounty python python3 vulnerability-scanners
Last synced: 11 Oct 2024
https://github.com/melbadry9/domain_reg
Check domain availability for registration
bugbounty domain-registration recon
Last synced: 04 Aug 2024
https://github.com/nsonaniya2010/sanfinder
It finds Subject Alternative Names for a given list of domains
bug-bounty bug-hunting bugbounty infosec madeinindia security security-tools
Last synced: 08 Nov 2024
https://github.com/krishpranav/packetkit
An Advanced Network Packet Sniffer Built In Rust
bugbounty hacking hackingtools network network-scanner pcap pentesting rust rust-security security sniffer
Last synced: 15 Oct 2024
https://github.com/machine1337/clickjack
An efficient tool To Find click jacking vulnerabilities in easiest way with poc
bugbounty clickjacking clickjacking-vulnerability cybersecurity hacking machine1337
Last synced: 10 Nov 2024
https://github.com/root4loot/recrawl
A Web URL crawler written in Go
bugbounty crawler discovery enumeration go golang recon reconnaissance web
Last synced: 06 Nov 2024
https://github.com/tkmru/xss_dict
xss dictionary for Google 日本語入力
bugbounty bugbountytips xss-detection
Last synced: 15 Oct 2024
https://github.com/0xpugal/pd-recon
A bash script which uses Project Discovery tools for bug bounty reconnaissance.
bugbounty projectdiscovery recon
Last synced: 08 Nov 2024
https://github.com/zha0gongz1/html-absorber
一款可批量提取url或本地html文件中注释、属性及标签内容的工具
bash-script bugbounty golang hack hacktool html infosec redteam
Last synced: 09 Oct 2024
https://github.com/shazsyed/FavHunt
Favicon based recon for faster fingerprinting of web services
bugbounty fingerprinting hacking recon reconaissance webservices
Last synced: 04 Aug 2024
https://github.com/Iamstanlee/bee
Bee Recon Framework
bugbounty infosec pentesting-tools
Last synced: 04 Aug 2024
https://github.com/root4loot/screener
Take screenshots of webpages
aquatone bugbounty chromedp go golang gowitness pentesting screenshot web
Last synced: 06 Nov 2024
https://github.com/cryonayes/GoFilter
A tool to filter URLs by parameter count or size
bugbounty bugbounty-tool golang
Last synced: 04 Aug 2024
https://github.com/DevanshRaghav75/bugbounty-dorks
Google dorks for bug bounty hunting
bugbounty google-dorks security
Last synced: 23 Oct 2024
https://github.com/QSoloX/whoisyou
Take a list of domains and output the hostname and ip.
bugbounty golang hacking hacking-tools infosec
Last synced: 04 Aug 2024
https://github.com/k2haxor/HACK-THEM-ALL
Hack like a pro
bugbounty exploits hacking penetration-testing pentesting
Last synced: 23 Oct 2024
https://github.com/MPaandeey/dlevel
A tool get level of subdomain from 1....n
bugbounty infosec subdomain subdomainlist subdomains subdomains-enumeration tool tools
Last synced: 04 Aug 2024
https://github.com/amine123ait/bug_bounty
opensource bug bounty toolkit/framework
bugbounty bugbounty-tool bugbountytips bugbountytricks hacking programing
Last synced: 23 Oct 2024
https://github.com/machine1337/admin-finder
A small tool to find admin panel of the website
admin admin-dashboard adminpanel adminpanelfinder bugbounty hacking machine1337
Last synced: 10 Nov 2024
https://github.com/tarunkoyalwar/nestle
Match and Extract Nested groups (ex: graphql) using regex with Nestle
automation bugbounty bugbounty-tool go graphql javascript-recon javascript-regex recon regex
Last synced: 13 Oct 2024
https://github.com/Imran407704/multi-urls
This is a simple bash script for getting passive urls from a gau, gauplus, waybackurls from a multiple urls list.
automation bugbounty bugbounty-tool infosectools
Last synced: 23 Oct 2024
https://github.com/alanEG/Gosna
Dynamic url monitor
bugbounty change-detection url url-change url-change-notification url-monitor
Last synced: 04 Aug 2024
https://github.com/cosad3s/sonarleaks
Digging into private data through Sonarcloud public projects
bugbounty hacking osint sonarqube
Last synced: 29 Oct 2024
https://github.com/jaydhulia/go-url-fuzz
URL Fuzzer in Go - Find hidden directories!
Last synced: 04 Nov 2024
https://github.com/RESETHACKER-COMMUNITY/ReporterX
Template based report writing tool.
bug-hunting bug-reporting bug-reproduction bugbounty reporterx
Last synced: 23 Oct 2024
https://github.com/whomrx666/xbughunting
This is a tool for bug hunters
bugbounty bughunter bughunting hacking hacking-tool information-gathering information-gathering-tools kali-linux linux termux xbughunting
Last synced: 11 Nov 2024
https://github.com/Revenant40/2tearsinabucket
Enumerate s3 buckets for a specific target.
bugbounty enumeration go golang s3-bucket
Last synced: 03 Nov 2024
https://github.com/hackshiv/textfilterfuzzer
TextFilterFuzzer For Directory Fuzzing - filter for (e.g, Not Found, 404, Not Accepted)
bugbounty bugbounty-tool bughunter contentdiscovery cybersecurity directory-bruteforce fuzzer fuzzing github hacker hacking hacking-tools python python3
Last synced: 12 Nov 2024
https://github.com/arshadkazmi42/blc
Broken link checker
blc broken-link-checker broken-link-finder bug-bounty bugbounty crawler python
Last synced: 28 Oct 2024
https://github.com/machine1337/cors_scanner
Fast CORS Misconfiguration Scanner
bugbounty cors hacking misconfiguration pentesting
Last synced: 10 Nov 2024
https://github.com/sa7mon/h1rss
An RSS feed generator for HackerOne Hacktivity
bugbounty golang hackerone rss
Last synced: 12 Nov 2024
https://github.com/bountyhacking/Payloads_Tool_box
At this repo you can find any tools, tricks or templates for general penetration testing assesment
bounty bounty-hunting-tools bug bugbounty burpsuite curl fuzzing payload payloads pentesting sqli sqlmap tty xss
Last synced: 23 Oct 2024
https://github.com/z3n70/CVE-2021-43798
Simple program for exploit grafana
bugbounty cybersecurity exploit grafana pentesting
Last synced: 23 Oct 2024
https://github.com/proditis/orunmila
a simple tool to refine and produce lists for your bugbounty and pen-test engagements
bugbounty dirbuster ffuf pen-test-tools pen-testing penetration-testing pentest-tool pentesting
Last synced: 15 Oct 2024
https://github.com/sweetsoftware/vhostmap
Find virtual hosts (vhosts) from IP addresses and hostnames
bug-bounty bugbounty bugbounty-tool hostmapper hostnames ip osint penetration-testing python3 recon reconnaissance vhost vhosts virtual-hosts
Last synced: 08 Nov 2024
https://github.com/proditis/mini-tools
A collection of mini tools and snippets for various purposes
bugbounty csp cybersecurity dns hacking sni snippets
Last synced: 15 Oct 2024
https://github.com/fabiosmuu/fabiosmuu
am bugbounty construct fabio fabio-smuu fabiosmuu game-development ia javascirpt mysql nodejs npm pdo php smuu sql sqlite stredit
Last synced: 14 Nov 2024
https://github.com/0xpugal/hacktheweb
Things to do while Hacking/Hunting in Web Applications
bugbounty bugbountytips hack recon subdomain-enumeration vulnerability web webappsec websecurity
Last synced: 08 Nov 2024
https://github.com/machine1337/host-injector
A small to find Host Header Injection vulnerabilities in a websites
bugbounty hacking hostheader injection kali-linux machine1337 pentesting webhacking
Last synced: 10 Nov 2024
https://github.com/edoardottt/bugcrowd-go
Golang Bugcrowd API client
api bug-bounty bugbounty bugcrowd bugcrowd-api bugcrowd-client golang security
Last synced: 11 Oct 2024
https://github.com/ElSicarius/Hacks
toolset for various purposes.
bugbounty bugbounty-tool hacking hacking-tools
Last synced: 23 Oct 2024
https://github.com/ropwareJB/jwtfuzz
Library for fuzzing & attacking JSON Web Tokens (JWTs). Bindings for other languages included.
bug-bounty bug-bounty-tools bugbounty fuzz fuzzing hacking hacking-tool jwt jwt-token pentesting pentesting-tools security
Last synced: 23 Oct 2024
https://github.com/anshumanpattnaik/hackbotone-website
HackbotOne | Exploring Application Security & Software Development
blogging-application blogging-platform blogging-site bugbounty cybersecurity django django-application django-blog django-project full-stack full-stack-application full-stack-web-development owasp python python3 web-hacking web-security webapplication webdevelopment website
Last synced: 10 Nov 2024
https://github.com/z3n70/CVE-2021-41277
simple program for exploit metabase
bugbounty cybersecurity exploit metabase ruby
Last synced: 23 Oct 2024
https://github.com/dubs3c/assetnote
Push notifications for passive DNS data
Last synced: 23 Oct 2024
https://github.com/CasperGN/GoHead
Get interesting http headers, internal IPs, possible endpoints from target(s) and search JS files for juicy info
bugbounty headers http http-requests probe
Last synced: 04 Aug 2024
https://github.com/hahwul/buildpack-zap-daemon
zap(zed attack proxy) daemon mode buildpack of heroku
bugbounty hacking heroku-buildpack security zap
Last synced: 24 Oct 2024
https://github.com/itszeeshan/crawlinit
A web crawler written in python3
appsec bugbounty bugbounty-tool bugbountytips crawler crawler-python enumeration infosec python recon reconnaissance scanner url web
Last synced: 12 Oct 2024
https://github.com/adeadfed/pwnfox-for-chromium
A BurpSuite extension that allows you to use Chromium with PwnFox
bugbounty burpsuite chromium hacking webhacking
Last synced: 12 Oct 2024
https://github.com/jmcph4/lm5
Simple and extensible fuzzer
binary-analysis binary-exploitation bugbounty fuzz-testing fuzzer fuzzing penetration-testing pentest-tool pentesting python3 security security-tools vulnerabilities vulnerability-detection vulnerability-identification vulnerability-scanners
Last synced: 06 Nov 2024
https://github.com/robotshell/orhound
ORHound is a tool written in Python whose main function is to find possible Open Redirects on a target using Google Dorks
bugbounty dork google hacking infosec pentesting python
Last synced: 15 Oct 2024
https://github.com/topscoder/subgomain
A high-performance tool for identifying domain takeovers with support for custom fingerprints and resolver lists.
bugbounty bugbounty-tool domain-takeover infosec infosectools security security-tools subdomain-takeover
Last synced: 13 Nov 2024
https://github.com/hackshiv/ffuf-outputter
A cleaner way to save my ffuf output - consider combining it with ffuf easily.
automation bugbounty bugbounty-tool bughunter cybersecurity directoryfuzzer ffuf fuzzer hacking output python3 tools tools-and-automation
Last synced: 12 Nov 2024
https://github.com/theunknownsoul/htb-certified-bug-bounty-hunter-exam-cheetsheet
All cheetsheets with main information from HTB CBBH role path in one place.
bugbounty cheetsheet htb security
Last synced: 08 Nov 2024
https://github.com/hackerajofficial/server-side-template-injection
A server-side template injection occurs when an attacker is able to use native template syntax to inject a malicious payload into a template, which is then executed server-side.
bug bug-bounty bugbounty bugs hackeraj hackeraj-official hackerajofficial injection
Last synced: 10 Nov 2024
https://github.com/mathis2001/lightraversal
LighTraversal is a tool designed to find basic directory traversal vulnerabilities
bugbounty lfi path-traversal pentest
Last synced: 11 Nov 2024