Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Bug Bounty
A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
- GitHub: https://github.com/topics/bugbounty
- Wikipedia: https://en.wikipedia.org/wiki/Bug_bounty_program
- Related Topics: security,penetration-testing,pentesting,pentest,
- Aliases: bug-bounty,
- Last updated: 2024-11-14 00:03:15 UTC
- JSON Representation
https://github.com/Anof-cyber/Application-Security
Resources for Application Security including Web, API, Android, iOS and Thick Client
android application-security appsec bugbounty cybersecurity hacking infosec penetration-testing penetration-testing-notes pentesting security security-testing
Last synced: 29 Oct 2024
https://github.com/Taonn/EmailAll
EmailAll is a powerful Email Collect tool — 一款强大的邮箱收集工具
bounty-hunting-tools bugbounty discovery domain email- email-collector emailhunter emails hacking-tools information-gathering information-gathering-tools osint osint-python python redteam redteaming search-engine security-tools
Last synced: 04 Aug 2024
https://github.com/Cgboal/SonarSearch
A rapid API for the Project Sonar dataset
bugbounty dns enumeration osint osint-tool penetration-testing penetration-testing-tools rapid7 sonar-api subdomain subdomain-enumeration
Last synced: 09 Nov 2024
https://github.com/BishopFox/h2csmuggler
HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
bugbounty infosec security-research security-tools
Last synced: 03 Nov 2024
https://github.com/utkusen/socialhunter
crawls the website and finds broken social media links that can be hijacked
bug-bounty bugbounty osint redteam redteaming
Last synced: 04 Aug 2024
https://github.com/lord-alfred/ipranges
🔨 List all IP ranges from: Google (Cloud & GoogleBot), Bing (Bingbot), Amazon (AWS), Microsoft, Oracle (Cloud), GitHub, Facebook (Meta), OpenAI (GPTBot) and other with daily updates.
amazon-aws azure bing bingbot bug-bounty bugbounty cidr cidr-ranges digitalocean facebook google-cloud googlebot ip-ranges iplist microsoft network-security oracle osint pentesting twitter
Last synced: 07 Nov 2024
https://github.com/shelld3v/jsshell
JSshell - JavaScript reverse/remote shell
blindxss bugbounty hacking javascript js pentest python python3 security shell xss xss-exploitation
Last synced: 01 Nov 2024
https://github.com/3nock/spidersuite
Advance web security spider/crawler
bugbounty cplusplus crawler gui information-gathering osint-tool pentest qt5 recon security-tools spider web-spider webcrawler
Last synced: 12 Oct 2024
https://github.com/anasfik/flutter-spy
Explore, analyze, and gain valuable data & insights from reverse engineered Flutter apps.
bugbounty flutter osint recon reconnaissance reverse-engineering security-tools
Last synced: 14 Nov 2024
https://github.com/brosck/mantra
「🔑」A tool used to hunt down API key leaks in JS files and pages
api bugbounty files hacking javascript js key leak leaked-secrets pentest security tool
Last synced: 13 Nov 2024
https://github.com/Hari-prasaanth/Web-App-Pentest-Checklist
A OWASP Based Checklist With 500+ Test Cases
bug bugbounty checklist penetration-testing penetration-testing-framework pentesting web website
Last synced: 14 Nov 2024
https://github.com/dwisiswant0/ppfuzz
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
bugbounty bugbounty-tool bugbountytips chromium prototype-pollution rust rust-tools security security-tools vulnerability-scanners
Last synced: 12 Oct 2024
https://github.com/Bywalks/DarkAngel
DarkAngel 是一款全自动白帽漏洞扫描器,从hackerone、bugcrowd资产监听到漏洞报告生成、漏洞URL截屏、消息通知。
bugbounty penetration-testing security-tools
Last synced: 04 Aug 2024
https://github.com/jaiswalakshansh/Facebook-BugBounty-Writeups
Collection of Facebook Bug Bounty Writeups
bug-bounty bugbounty bugbounty-writeups facebook-security
Last synced: 04 Aug 2024
https://github.com/eslam3kl/SQLiDetector
Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases.
bug-bounty bugbounty infosec penetration-testing pentesting sqlinjection
Last synced: 03 Aug 2024
https://github.com/nullt3r/jfscan
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.
bugbounty enumeration masscan network nmap pentesting portscanner python recon scanning security-tools tcp vulnerabilityscanner
Last synced: 06 Nov 2024
https://github.com/0xApt/awesome-bbht
A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
bug-bounty bug-hunting bugbounty enumerate-subdomains exploitation hacking hacking-tool hacking-tools penetration-testing recon reconnaissance security-tools
Last synced: 25 Oct 2024
https://github.com/n0mi1k/apk2url
An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling
android android-security apk apktool bugbounty endpoint-discovery jadx osint-tool redteam-tools
Last synced: 04 Aug 2024
https://github.com/infobyte/emploleaks
An OSINT tool that helps detect members of a company with leaked credentials
bugbounty cybersecurity leaked-secrets osint pentesting redteam
Last synced: 09 Nov 2024
https://github.com/the-xentropy/samlists
Free, libre, effective, and data-driven wordlists for all!
bugbounty cybersecurity hacking hacking-tools
Last synced: 29 Oct 2024
https://github.com/harsh-bothra/securityexplained
SecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.
appsecurity bugbounty hacking learning pentesting
Last synced: 05 Nov 2024
https://github.com/LewisArdern/bXSS
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
blueteam bugbounty bxss cross-site-scripting infosec security xss
Last synced: 03 Nov 2024
https://github.com/KathanP19/Gxss
A tool to check a bunch of URLs that contain reflecting params.
bugbounty bugbounty-tool golang xss xss-detection
Last synced: 04 Aug 2024
https://github.com/Raghavd3v/CRLFsuite
The most powerful CRLF injection (HTTP Response Splitting) scanner.
bugbounty crlf-injection ethical-hacking http-response-splitting pentest-tool pentesting security-tools waf-detection webapp-pentesting
Last synced: 03 Nov 2024
https://github.com/Nefcore/CRLFsuite
The most powerful CRLF injection (HTTP Response Splitting) scanner.
bugbounty crlf-injection ethical-hacking http-response-splitting pentest-tool pentesting security-tools waf-detection webapp-pentesting
Last synced: 14 Aug 2024
https://github.com/whitel1st/docem
A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
bugbounty oxml xss xss-injection xxe xxe-injection
Last synced: 03 Nov 2024
https://github.com/lewisardern/bxss
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
blueteam bugbounty bxss cross-site-scripting infosec security xss
Last synced: 03 Nov 2024
https://github.com/dhaval17/awsome-security-write-ups-and-POCs
Awesome Writeups and POCs
bugbounty pocs vulnerability writeups
Last synced: 08 Nov 2024
https://github.com/mufeedvh/basecrack
Decode All Bases - Base Scheme Decoder
base base16 base32 base58 base64 bugbounty capture-the-flag cryptography cryptography-project cryptography-tools ctf ctf-tools decode decode-strings decoder decoders encoder-decoder infosec python tool
Last synced: 13 Nov 2024
https://github.com/komomon/Komo
🚀Komo, a comprehensive asset collection and vulnerability scanning tool. Komo 一个综合资产收集和漏洞扫描工具,集成了20余款工具,通过多种方式对子域进行获取,收集域名邮箱,进行存活探测,域名指纹识别,域名反查ip,ip端口扫描,web服务链接爬取并发送给xray,对web服务进行POC漏洞扫描,对主机进行主机漏洞扫描。
amass bugbounty crawlergo ctfr emailall gospider hacking httpx information-gathering infosec ksubdomain naabu nuclei oneforall osint pentesting poc rad subfinder xray
Last synced: 04 Aug 2024
https://github.com/jordanpotti/CloudScraper
CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
aws azure bugbounty digitalocean hacking reconnaissance
Last synced: 27 Oct 2024
https://github.com/jordanpotti/cloudscraper
CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
aws azure bugbounty digitalocean hacking reconnaissance
Last synced: 03 Nov 2024
https://github.com/p0dalirius/webapp-wordlists
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.
application bugbounty cms content-management-system drupal pentesting typo3 version web wordlists wordpress
Last synced: 11 Oct 2024
https://github.com/kleiton0x00/ppmap
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
bug-bounty bugbounty bugbounty-tool cybersecurity infosec prototype-pollution xss xss-detection xss-exploitation xss-vulnerability
Last synced: 14 Nov 2024
https://github.com/TupleType/awesome-cicd-attacks
Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
appsec awesome awesome-list bugbounty cicd cybersecurity devesecops hacking infosec offensive-security penetration-testing research tools
Last synced: 26 Sep 2024
https://github.com/chiasmod0n/chiasmodon
Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials, CIDRs , ASNs , and subdomains, the tool also allows users to search Google Play application ID.
asn attack-surface bugbounty bugbounty-tool chiasmodon cidr credentials email-enumeration emails information-gathering intelligence intelligence-analysis osint reconnaissance reconnaissance-framework subdomain-enumeration subdomains
Last synced: 09 Nov 2024
https://github.com/Cyber-Dioxide/CyberPhish
A heavily armed customizable phishing tool for educational purpose only
bugbounty bugbounty-python cyber cyber-dioxide cyberd github-hacking hack hacker hacking hacking-toolkit hak-python kali-linux kali-linux-hacking phish phishing-sites python python-ethical-hacking python-ha python-hack termux-tools
Last synced: 08 Nov 2024
https://github.com/hackshiv/onedorkforall
An insane list of all dorks taken from everywhere from various different sources.
alldorks bugbounty darkweb dorking dorking-target dorking-tool dorks dorks-dumper googledork googledorks intel osint red-team research shodandorks
Last synced: 12 Nov 2024
https://github.com/edoverflow/bugbountyguide
Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
Last synced: 10 Nov 2024
https://github.com/v4d1/Dome
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
bugbounty enumeration hacking-tool osint penetration-testing pentesting recon reconnaissance redteam redteam-tools subdomain subdomain-brute subdomain-enumeration subdomain-finder subdomain-scanner
Last synced: 04 Aug 2024
https://github.com/EdOverflow/bugbountyguide
Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
Last synced: 25 Oct 2024
https://github.com/n0kovo/n0kovo_subdomains
An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
bugbounty enumeration osint pentesting reconnaissance redteam subdomain-brute subdomain-bruteforcing subdomain-enumeration subdomain-scanner subdomain-wordlist subdomains wordlist wordlists
Last synced: 07 Nov 2024
https://github.com/capt-meelo/LazyRecon
An automated approach to performing recon for bug bounty hunting and penetration testing.
bugbounty pentest recon reconnaissance
Last synced: 28 Oct 2024
https://github.com/c0dejump/HawkScan
Security Tool for Reconnaissance and Information Gathering on a website. (python 3.x)
bugbounty fuzzer hawkscan information-gathering reconnaissance web
Last synced: 04 Aug 2024
https://github.com/Josue87/gotator
Gotator is a tool to generate DNS wordlists through permutations.
bug-bounty bugbounty reconnaissance security-tools subdomain
Last synced: 03 Aug 2024
https://github.com/aydinnyunus/exiflooter
ExifLooter finds geolocation on all image urls and directories also integrates with OpenStreetMap
bug-bounty bugbounty cyber-security exif exif-metadata exiftool golang hack hacking image metadata metadata-extraction osint redteam security
Last synced: 11 Nov 2024
https://github.com/epi052/recon-pipeline
An automated target reconnaissance pipeline.
bugbounty python3 recon recon-pipeline reconnaissance scanner security-tools
Last synced: 26 Oct 2024
https://github.com/aydinnyunus/exifLooter
ExifLooter finds geolocation on all image urls and directories also integrates with OpenStreetMap
bug-bounty bugbounty cyber-security exif exif-metadata exiftool golang hack hacking image metadata metadata-extraction osint redteam security
Last synced: 05 Nov 2024
https://github.com/1in9e/gosint
Gosint is a distributed asset information collection and vulnerability scanning platform
bugbounty information-gathering information-security osint security-tools
Last synced: 05 Nov 2024
https://github.com/hakluke/hakip2host
hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.
Last synced: 29 Oct 2024
https://github.com/flipkart-incubator/watchdog
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
application-security bugbounty cve-databases cve-search network-security penetration-testing-framework pentest-tool product-security security security-testing security-tools security-vulnerability vulnerability-assessment vulnerability-management
Last synced: 09 Nov 2024
https://github.com/ishanoshada/gdorks
Google Dork List - Uncover the Hidden Gems of the Internet ( There are at least 320+ categories )
bugbounty ceh dork dorks ghdb google google-dork google-dork-database google-dorking google-dorking-payloads google-dorks google-hacking google-hacking-database googledork hacking infomation-gathering osint sqli xss
Last synced: 06 Nov 2024
https://github.com/gradejs/gradejs
GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
bugbounty bundle bundling javascript npm package-management security-tools vulnerability vulnerability-detection webpack website-security
Last synced: 29 Oct 2024
https://github.com/gokulapap/Reconator
Automated Recon for Pentesting & Bug Bounty
automation bugbounty fuzzer python recon reconator scanner telebot-notification webscanner
Last synced: 04 Aug 2024
https://github.com/HackShiv/OneDorkForAll
An insane list of all dorks taken from everywhere from various different sources.
alldorks bugbounty darkweb dorking dorking-target dorking-tool dorks dorks-dumper googledork googledorks intel osint red-team research shodandorks
Last synced: 26 Sep 2024
https://github.com/taielab/Taie-Bugbounty-killer
挖掘国内外漏洞平台必备的自动化捡钱赏金技巧,看了并去做了捡钱如喝水。
bugbounty bugbounty-tool bugbountytips
Last synced: 04 Aug 2024
https://github.com/hahwul/authz0
🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
auth authorization authz bugbounty golang golang-application security security-scanner security-tools
Last synced: 14 Nov 2024
https://github.com/yassineaboukir/Asnlookup
Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
asn bugbounty enumeration hacking infosec masscan nmap pentest port-scanning reconnaissance
Last synced: 06 Nov 2024
https://github.com/domain-protect/domain-protect
OWASP Domain Protect - prevent subdomain takeover
aws bugbounty cloudflare dns owasp security security-tools serverless terraform
Last synced: 04 Aug 2024
https://github.com/hahwul/mad-metasploit
Metasploit custom modules, plugins, resource script and.. awesome metasploit collection
bugbounty collections hacking mad-metasploit metasploit resources security
Last synced: 14 Nov 2024
https://github.com/Brum3ns/firefly
Black box fuzzer for web applications
black-box-testing blackbox bugbounty fuzz fuzzer fuzzing penetration-testing pentesting security-tools web-security
Last synced: 09 Nov 2024
https://github.com/l4yton/RegHex
A collection of regexes for every possbile use
Last synced: 05 Nov 2024
https://github.com/edoardottt/csprecon
Discover new target domains using Content Security Policy
bounty-hunting bugbounty bugbounty-tool content-security-policy csp golang hacking hacktoberfest information-retrieval offensive-security offensivesecurity recon recon-tool reconnaissance security security-tools
Last synced: 13 Nov 2024
https://github.com/p0dalirius/ipsourcebypass
This Python script can be used to bypass IP source restrictions using HTTP headers.
bugbounty bypass headers http ip pentesting python tool
Last synced: 29 Oct 2024
https://github.com/gwen001/s3-buckets-finder
Find AWS S3 buckets and test their permissions.
aws aws-s3 bucket bugbounty cloud pentesting php s3 s3-bucket security-tools
Last synced: 09 Nov 2024
https://github.com/redhuntlabs/BucketLoot
BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.
automation blackhat bounty bugbounty bughunting cli cloud cloud-security cybersecurity infosec infosectools osint pentesting recon reconnaissance s3 secret-scanning
Last synced: 10 Sep 2024
https://github.com/theinfosecguy/quickxss
Automating XSS using Bash
bash-script bugbounty hacktoberfest hacktoberfest2021 xss xss-detection xss-vulnerability
Last synced: 09 Oct 2024
https://github.com/theinfosecguy/QuickXSS
Automating XSS using Bash
bash-script bugbounty hacktoberfest hacktoberfest2021 xss xss-detection xss-vulnerability
Last synced: 04 Aug 2024
https://github.com/kac89/vulnrepo
VULNRΞPO - Free vulnerability report generator and repository end-to-end encrypted. Complete templates of issues, CWE, CVE, MITRE ATT&CK, PCI DSS, issues import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/PDF report, attachments, automatic changelog, statistics, vulnerability management, methodologies and much more!
angular bugbounty burpsuite cve cwe end-to-end-encryption mitre-attack nessus nmap openvas pci-dss pentesting security security-team security-tool trivy vulnerability-assessment vulnerability-management vulnerability-report vulnerability-research
Last synced: 04 Nov 2024
https://github.com/mzfr/slicer
A tool to automate the boring process of APK recon
android apk apktool bugbounty hacktoberfest hacktoberfest2021
Last synced: 04 Aug 2024
https://github.com/Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337
bugbounty bugbounty-writeups bugbountytips cve cve-2022-0337 cybersecurity exploit hacking payload pentest pentesting red-team security security-writeups writeups
Last synced: 03 Nov 2024
https://github.com/gnebbia/pdlist
A passive subdomain finder
bugbounty dns information-gathering osint osint-reconnaissance osint-resources passive-dns passive-dns-data reconnaissance
Last synced: 13 Nov 2024
https://github.com/ahussam/url-tracker
Change monitoring app that checks the content of web pages in different periods.
bugbounty change-monitoring recon reconnaissance security
Last synced: 23 Oct 2024
https://github.com/intigriti/misconfig-mapper
Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/or bug bounty targets!
bug-bounty bugbounty cybersecurity hacking hacking-tool misconfig misfconfiguration services
Last synced: 23 Oct 2024
https://github.com/edoardottt/lit-bb-hack-tools
Little Bug Bounty & Hacking Tools⚔️
bug-bounty bug-bounty-recon bugbounty cli cli-tool ctf-tool ctf-tools hacking hacking-tool hacking-tools hacktoberfest infosec infosectools penetration-testing-tools security-tools tools
Last synced: 01 Nov 2024
https://github.com/disclose/resources
Tools, data, and contact lists relevant to The disclose.io Project.
bug-bounty bugbounty certs infosec security vulnerability-disclosure
Last synced: 04 Aug 2024
https://github.com/pikpikcu/XRCross
XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
bugbounty bugbounty-tool check-subdomains cors cors-scanner lfi rce recon scanners sqli ssrf subdomain-enumeration takeover-subdomain xss-scanner xss-vulnerability
Last synced: 04 Aug 2024
https://github.com/r3curs1v3-pr0xy/sub404
A python tool to check subdomain takeover vulnerability
bug-bounty bugbounty bugbounty-tool pentesting sub404 subdomain subdomain-takeover takeover-subdomain vulnerability-scanner
Last synced: 03 Aug 2024
https://github.com/sdushantha/dora
Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found
apikeys bugbounty bugcrowd ethical-hacking exploits hackerone infosec python regex
Last synced: 26 Oct 2024
https://github.com/jaeles-project/jaeles-signatures
Default signature for Jaeles Scanner
bugbounty jaeles jaeles-signatures security vulnerability-scanner
Last synced: 05 Nov 2024
https://github.com/teknogeek/ssrf-sheriff
A simple SSRF-testing sheriff written in Go
Last synced: 03 Nov 2024
https://github.com/MayankPandey01/Jira-Lens
Fast and customizable vulnerability scanner For JIRA written in Python
bugbounty jira jira-rest-api python3 scanner security security-tools vulnerability-scanners
Last synced: 04 Aug 2024
https://github.com/d4rckh/vaf
Vaf is a cross-platform very advanced and fast web fuzzer written in nim
bruteforce bug-bounty bugbounty burpsuite fuzzer fuzzing hacking hacking-tools nim penetration-testing pentest-tool recon security-tools vaf web xss
Last synced: 03 Nov 2024
https://github.com/root4loot/rescope
A scope generation tool for Burp Suite & ZAP
bugbounty burp burpsuite enumeration go golang infosec pentesting scope security security-tools websec zap
Last synced: 14 Nov 2024
https://github.com/gwen001/cloudflare-origin-ip
Try to find the origin IP of a webapp protected by Cloudflare.
bugbounty cloudflare ips pentesting python security-tools webapp
Last synced: 09 Nov 2024
https://github.com/reconness/reconness
ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
bugbounty pentesting platform recon redteam tools vulnerable-targets
Last synced: 04 Aug 2024
https://github.com/random-robbie/bugbounty-scans
aquatone results for sites with bug bountys
Last synced: 09 Nov 2024
https://github.com/EdOverflow/megplus
Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
bugbounty infosec recon reconnaissance security
Last synced: 03 Aug 2024
https://github.com/edoverflow/megplus
Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
bugbounty infosec recon reconnaissance security
Last synced: 03 Nov 2024
https://github.com/sectool/redteam-hardware-toolkit
🔺 Red Team Hardware Toolkit 🔺
bugbounty hack hacker hacker-tool hacker-tools hackers hacking hacking-tool hacking-tools hardware hardware-hackers hardware-hacking pentester pentesters redteam redteam-hardware redteam-hardware-tool redteam-hardware-toolkit redteaming synack
Last synced: 11 Nov 2024
https://github.com/security-checklist/php-security-check-list
PHP Security Check List [ EN ] 🌋 ☣️
bugbounty checklist php php-framework php-library php-security php-security-checker security security-audit security-checklist security-research security-researcher security-testing web-application web-application-framework web-application-security webapplication
Last synced: 01 Nov 2024
https://github.com/ameenmaali/qsfuzz
qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
bugbounty fuzz infosec security vulnerability-detection
Last synced: 03 Nov 2024
https://github.com/JoshuaMart/AutoRecon
Simple shell script for automated domain recognition with some tools
automated bugbounty domain-discovery recon reconnaissance
Last synced: 06 Nov 2024
https://github.com/ameenmaali/urldedupe
Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
bugbounty cpp hacking infosec penetration-testing url-parser
Last synced: 04 Aug 2024
https://github.com/RapidDNS/Afuzz
Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.
bugbounty fuzzing pentest pentest-tool pentesting security-tools
Last synced: 04 Aug 2024
https://github.com/mindpatch/lorsrf
Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load :artificial_satellite: :crab:
blindssrf bruteforce bugbounty fuzzing hacking penetration-testing pentesting rust ssrf websecurity
Last synced: 13 Nov 2024
https://github.com/sudosammy/knary
A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support
bugbounty burpsuite canary ctf-tools discord discord-bot dns-canary microsoft-teams offensive-security penetration-testing pentesting pushover-notifications security-tools slackbot
Last synced: 05 Nov 2024
https://github.com/MindPatch/lorsrf
Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load :artificial_satellite: :crab:
blindssrf bruteforce bugbounty fuzzing hacking penetration-testing pentesting rust ssrf websecurity
Last synced: 03 Nov 2024