Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Bug Bounty

A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.

GitHub: https://github.com/topics/bugbounty
Wikipedia: https://en.wikipedia.org/wiki/Bug_bounty_program
Related Topics: security,penetration-testing,pentesting,pentest,
Aliases: bug-bounty,
Last updated: 2025-02-04 00:04:14 UTC
JSON Representation

https://github.com/p0dalirius/crawlersuseragents

Python script to check if there is any differences in responses of an application when the request comes from a search engine's crawler.

bugbounty crawler crawlers pentest request tool user-agent web

Last synced: 30 Dec 2024

https://github.com/gwen001/detectify-cves

Find CVEs that don't have a Detectify modules.

bugbounty cve detectify pentesting scanner security-tools

Last synced: 09 Nov 2024

https://github.com/cokebeer/go-cves

收录go语言编写的项目、框架和组件出现的cve，或者一些相关的利用方式的文章

bugbounty cve exploit go poc security

Last synced: 02 Dec 2024

https://github.com/mrcl0wnlab/simplereconsubdomain

This is very basic automated recon script tool.

bugbounty hacking hacking-tool python recon

Last synced: 05 Dec 2024

https://github.com/Bhagavan-Bollina/BugBounty-Dorks

Highly recommended dorks for bug bounty

bug-bounty-dorks bugbounty dorks recon

Last synced: 21 Nov 2024

https://github.com/alexfrancow/isoc

:bar_chart: Deploy an "illegal" SOC to manage vulnerabilities on your city servers in minutes.

blue-team bugbounty bugbounty-tool cybersecurity docker docker-compose elasticsearch elk kibana mongodb openvas python3 red-team security-operations siem vulnerability-detection w3af zabbix

Last synced: 20 Nov 2024

https://github.com/javanxd/raceocat

Make exploiting race conditions in web applications highly efficient and ease-of-use.

bugbounty race-conditions race-detection racer research-and-development

Last synced: 10 Nov 2024

https://github.com/blackhatethicalhacking/bheh-sub-pwner

This bash script tool, will perform advanced subdomain enumeration, save the results, it will then probe the subdomains into urls, save the results in a separate file, it will then resolve all the subdomains into ip addresses and save the results separately.

bugbounty hacking penetration-testing pentesting subdomain-enumeration subdomain-scanner

Last synced: 05 Nov 2024

https://github.com/machine1337/reverse-shells

This tool will help in generating reverse shells easily for all types of OS.

bugbounty fastest-shells hacking machine1337 onelinershells pentesting phpshell phpshells quickshells reverse-shell windows-shells

Last synced: 10 Nov 2024

https://github.com/thelikes/fuzznav

parse ffuf & map endpoints to wordlists

bugbounty directory-fuzzing discovered-endpoints ffuf hacking multiple-wordlists offensive-security pentesting

Last synced: 21 Nov 2024

https://github.com/pdelteil/HackerOneAPIClient

This project is a bash client to use HackerOne's API.

bugbounty bugbountyhunting hackerone

Last synced: 12 Nov 2024

https://github.com/MindPatch/pmg

Extract parameters/paths from urls

bugbounty bugbounty-tool bughunting python regex security

Last synced: 21 Nov 2024

https://github.com/ElSicarius/findalllinks

A tool to extract all the urls and paths found in the content of a page (js sources included)

bugbounty extension javascript linkfinder

Last synced: 21 Nov 2024

https://github.com/gwen001/extract-endpoints

Extract endpoints from source files.

bugbounty endpoints pentesting php security-tools urls

Last synced: 09 Nov 2024

https://github.com/mindpatch/pmg

Extract parameters/paths from urls

bugbounty bugbounty-tool bughunting python regex security

Last synced: 22 Nov 2024

https://github.com/lekssays/kibanarec

A Tool to Extract Open Kibana Instances on Internet and Map them to their Corresponding Organizations for Bug Bounty.

bugbounty kibana recon reconnaissance

Last synced: 10 Nov 2024

https://github.com/gwen001/gitgrep

Webapp to perform regexp search over GitHub search.

bugbounty git github pentesting php private regexp secrets security-tools

Last synced: 09 Nov 2024

https://github.com/umair9747/4ofour

A tech enumeration toolkit focused on 404 Not found pages.

bounty bug-bounty bugbounty cybersecurity cybersecurity-tools ethical-hacking infosec linux osint penetration-testing pentesting recon reconnaissance webappsecurity websec websecurity

Last synced: 08 Nov 2024

https://github.com/0xkayala/custom-nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

bugbounty custom-nuclei-templates exploit-development exploits fingerprint nuclei nuclei-checks nuclei-templates nucleifuzzer security vulnerability-detection

Last synced: 11 Nov 2024

https://github.com/mathis2001/cert4recon

Simple passive Python Recon tool for subdomains enumeration with crt.sh

bugbounty crt-sh information-gathering osint recon subdomain-enumeration

Last synced: 11 Nov 2024

https://github.com/ctoic/lisbook

Collection of your faviorite books.

beginner-friendly bootstrap bugbounty css good-first-issue goodfirstissue hacktoberfest hacktoberfest-accepted hactoberfest help-wanted html javascript tailwindcss webapp

Last synced: 26 Jan 2025

https://github.com/azathothas/wordlists

[Custom || Automated] Curation & Collection of BugBounty Wordlists

bug-bounty bugbounty content-discovery feroxbuster ffuf fuzzing gobuster vhost wordlist wordlists

Last synced: 19 Jan 2025

https://github.com/machine1337/fast-scan

An Advanced tool to scan hundreds of IP's in Seconds for CVE's, Open Ports And Web Technologies.

bugbounty cve-scanning hacking ipscanner kali-linux machine1337 portscanner serverinfo webscanner

Last synced: 10 Nov 2024

https://github.com/0ss/byp4ss3r

tool to bypass 403/401 pages ( helpful for bug hunting)

bugbounty

Last synced: 21 Nov 2024

https://github.com/d3ext/go-recon

External recon toolkit

bugbounty go-recon golang hacking recon toolkit

Last synced: 14 Nov 2024

https://github.com/mrvcoder/cloud_data

Get some useful data from Clouds for your targets

apex-domains bug-bounty bugbounty cloud cname domain ipv4 osint osint-tool recon reconnaissance subdomain subdomain-enumeration subdomain-finder subdomain-scanner

Last synced: 06 Nov 2024

https://github.com/r3k4t/onionnux

Onionnux is a onionsite(DEEPNET/DARKNET) tool.It can help to idenitfy onionsite is active or onionsite server name.

bugbounty forensics-investigations onion-routing python-pyfiglet python-requests security-analysis security-audit security-research socks5-proxy software-engineering website-vulnerability

Last synced: 17 Nov 2024

https://github.com/zishanadthandar/writeups

CTF and Bug Bounty Hunting WriteUps.

activedirectory activedirectorysecurity bufferoverflow bugbounty bugbounty-writeups capture-the-flag ctf ctf-challenges ctf-tools ctf-writeups cybersecurity ethical-hacking ethicalhacking linux pentesting pentesting-tool pentesting-tools privilegeescalation webexploitation windows

Last synced: 22 Nov 2024

https://github.com/cyberlight/cyxbot

Bug bounty bot for channel

bugbounty bugbounty-bot

Last synced: 20 Dec 2024

https://github.com/blackhatethicalhacking/blackhatethicalhacking

Who We Are

bugbounty courses hacking hacking-tools offensive-security pentesting redteam socialengineering

Last synced: 22 Dec 2024

https://github.com/ucybers/bug-bounty-beginner-roadmap

This is a resource for anyone looking to learn bug hunting and provides guidance during the study and learning phase.

bug bug-bounty bugbounty bugbounty-tool bugs cmd cmdline cyber-security cybersecurity cybersecurity-tool guide hacker linux linux-shell powershell roadmap tutorial tutorials windows

Last synced: 13 Oct 2024

https://github.com/hueristiq/hqurlscann3r

A web application attack surface mapping tool. It takes in a list of urls then performs numerous probes

bugbounty bypass-403 go golang

Last synced: 06 Nov 2024

https://github.com/zpettry/boxer

Boxer: A fast directory bruteforce tool written in Python with concurrency.

bruteforce bugbounty directory hacking hacking-tool penetration-testing pentesting python

Last synced: 10 Nov 2024

https://github.com/umair9747/archer

A tool to check for response status codes with ease

bounty bounty-hunting-tools bug-bounty bugbounty bugbounty-tool bugbountytips ethical-hacking hacking hacktoberfest linux penetration-test penetration-testing penetration-testing-framework penetration-testing-tools pentest pentesting recon reconnaissance webapp webapp-security

Last synced: 19 Nov 2024

https://github.com/stackoverflowexcept1on/how-to-hack-github-actions

How to hack Github Actions if you're smart enough ($500 bug bounty)

bugbounty cpp20 hackerone-reports hacking

Last synced: 11 Jan 2025

https://github.com/h33tlit/Parameter-Reflect-Finder

Parameter-Reflect-Finder is a python based tool that helps you find reflected parameters which can have potential XSS or Open redirection vulnerabilities.

bug-bounty bugbounty open-redirect open-redirect-detection parameter-search reflector scanner scraper xss xss-detection xss-scanner

Last synced: 21 Nov 2024

https://github.com/random-robbie/s3-listable

S3 Buckets that will let you list all files inside them

aws aws-s3 bugbounty s3-bucket s3-storage

Last synced: 09 Nov 2024

https://github.com/mathis2001/paramchanger

ParamChanger is a tool allowing you to replace the parameters of a list of urls by a payload entered as an argument

bugbounty parameters pentest

Last synced: 11 Nov 2024

https://github.com/rodolfomarianocy/asnpepper

ASNPepper - Recon in ASN - Extracting CIDR's - Fast and efficient scanning

asn bgp bugbounty hacking information-gathering pentest pentesting reconnaissance tips tricks

Last synced: 14 Dec 2024

https://github.com/mrvcoder/getasn

🌐 Get Some Useful Info From Domain/IP/ASN 🔥

asn-lookup bgpview bugbounty cdn cdn-check cidr cli domain information-gathering osint recon reconnaissance

Last synced: 06 Nov 2024

https://github.com/topscoder/nuclei-zero-day

This repository contains random Nuclei templates I've created. Most of them based on recent security issues and exploits.

bugbounty infosec nuclei nuclei-templates security

Last synced: 12 Jan 2025

https://github.com/ehsaanqazi/Bug-Bounty

Resources and Guides for Web Application Vulnerabilities

bugbounty cybersecurity information-security webapplicationsecurity

Last synced: 21 Nov 2024

https://github.com/AdnaneKhan/ActionsTOCTOU

Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)

actions bugbounty cicd

Last synced: 18 Jan 2025

https://github.com/mathis2001/ParamChanger

ParamChanger is a tool allowing you to replace the parameters of a list of urls by a payload entered as an argument

bugbounty parameters pentest

Last synced: 23 Oct 2024

https://github.com/0x802/LinkSniper

Spider or repeater to find all links.

bugbounty crawl hacktools hunting links repeater scan spiders subdomain subdomain-scanner urls

Last synced: 21 Nov 2024

https://github.com/paulveillard/cybersecurity-bug-bounty

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Bug Bounty in Cybersecurity.

bounty bug bug-bounty-automation bug-bounty-tools bugbounty

Last synced: 07 Dec 2024

https://github.com/gwen001/apk-analyzer

Analyze an APK archive.

android apk bugbounty code-analysis mobile mobile-app pentesting python security-tools

Last synced: 09 Nov 2024

https://github.com/3nock/ote-templates

Community curated list of templates for the OSINT template engine.

attack-surfaces bugbounty fingerprinting osint recon security templates

Last synced: 05 Jan 2025

https://github.com/machine1337/sqlscan

A small and an efficient tool to find SQL injection vulnerability in a websites.

automation-framework bugbounty bugbounty-tool hacking machine1337 sql sqli sqlinjection

Last synced: 10 Nov 2024

https://github.com/d3mondev/crossjoin

Generate a cross join, also known as a Cartesian product, from the lines of the specified files. This process is useful for creating fuzzing payloads.

bug-bounty bugbounty bugbounty-tool bugbounty-tools cartesian-product cross-join crossjoin fuzzer fuzzing hacking hacking-tool penetration-testing penetration-testing-tools permutation

Last synced: 12 Nov 2024

https://github.com/momenbasel/pyrobots

a tool that gets all paths at robots.txt and opens it in the browser.

bugbounty penetration-testing pentesting python python3 robots-txt

Last synced: 11 Oct 2024

https://github.com/j3ssie/str-replace

Simple tools to handle string and generate subdomain permutations

bugbounty hacking infosec pentesting permutations recon subdomain

Last synced: 14 Oct 2024

https://github.com/gwen001/dnsexpire

Test domain expiration dates.

bugbounty dns domains pentesting php python security-tools subdomains

Last synced: 09 Nov 2024

https://github.com/0xpugal/bugbounty_profile

Automate bug bounty recon using bash alias

bash bash-alias bash-profile bugbounty recon reconnaissance

Last synced: 08 Nov 2024

https://github.com/random-robbie/yahoo-bug-bounty

List of hosts from yahoo.com

bugbounty recon yahoo yahoo-bug-bounty

Last synced: 05 Jan 2025

https://github.com/Traumatism/raycharles

Blind RCE fuzzer

bugbounty command-injection fuzz fuzzer fuzzing hacking injection pwn rce remote-code-execution

Last synced: 23 Oct 2024

https://github.com/machine1337/open-redirector

A small and efficient tool to find open redirect vulnerabilities.

bugbounty hacking machine1337 openredirect-scanner vulnerabilities

Last synced: 10 Nov 2024

https://github.com/macmod/namescraper

A Selenium scraper for public domain search tools.

bug-bounty bugbounty dns dnsrecon domain osint pentest reconnaissance scraper security security-tools securitytrails selenium subdomain subdomain-enumeration viewdns whoisxmlapi

Last synced: 22 Nov 2024

https://github.com/cosad3s/njsdump

Dump paths & pages from Next.js Manifest

bugbounty nextjs recon security

Last synced: 17 Dec 2024

https://github.com/p0dalirius/findazuredomaintenant

A Python script to find tenant id an region from a list of domain names.

azure bugbounty domain pentest tenant

Last synced: 30 Dec 2024

https://github.com/DEMON1A/Blinder

A script written in python3 to spread blind cross-site scripting payloads on HTTP requests headers

automation blinder bugbounty bugbounty-tool python3 ssti tool xss xsshunter

Last synced: 21 Nov 2024

https://github.com/enenumxela/ps.sh

A wrapper around tools used for port scanning(nmap, naabu & masscan), the goal being reducing scan time, increasing scan efficiency and automating the workflow.

bashscript bashscripting bug-bounty bugbounty bugbounty-tool enumeration masscan naabu netwok-mapping nmap open-port-check open-port-check-script penetration-testing penetration-testing-tools pentesting port-scaning recon reconnaissance service-discovery

Last synced: 06 Nov 2024

https://github.com/gwen001/gitpillage

Extract data from a .git directory.

bugbounty endpoints git github pentesting python secrets security-tools urls

Last synced: 09 Nov 2024

https://github.com/cosad3s/salsa

SALSA 💃⚡ - SALesforce Scanner for Aura (and beyond). Enumeration of vulnerabilities and misconfigurations against Salesforce endpoint.

bugbounty hacking salesforce security

Last synced: 29 Oct 2024

https://github.com/dotnetrussell/shinobishell

An experimental shell that handles file exfiltration, exploit injection and various other obnoxious tasks.

bug-bounty bugbounty hacking hacking-tool info-sec information-security infosec infosectools linux penetration-testing penetration-testing-tools python python3 redteam shell

Last synced: 22 Jan 2025

https://github.com/robotshell/robotscraper

RobotScraper is a simple tool written in Python to check each of the paths found in the robots.txt file and what HTTP response code they return.

bounty-hunting-tools bugbounty hacking infosec python robots scraper tool

Last synced: 08 Nov 2024

https://github.com/robotshell/robotScraper

RobotScraper is a simple tool written in Python to check each of the paths found in the robots.txt file and what HTTP response code they return.

bounty-hunting-tools bugbounty hacking infosec python robots scraper tool

Last synced: 21 Nov 2024

https://github.com/hackshiv/hackbot

A simple hackingbot for terminal usage (Able to learn and adapt from users).

ai bugbounty bugbountytools chatgpt chatgpt4 hacker hacking machine-learning mistral pentest pentesting pentesting-tools python python3 securityresearch securityresearchers simple-project wormgpt

Last synced: 12 Nov 2024

https://github.com/d3mondev/resolvermt

A Golang module to resolve multiple DNS requests concurrently while respecting a rate limit on the resolvers.

bugbounty dns go golang infosec resolver

Last synced: 12 Nov 2024

https://github.com/crypticq/DNS_Enumerator

bugbounty cybersecurity hacking networking pentest-tool pentesting subdomain-enumeration

Last synced: 23 Oct 2024

https://github.com/masa-finance/bug-bounty

Information about bug bounties available to developers

bugbounty

Last synced: 26 Jan 2025

https://github.com/Markdown-Bug-Bounty-Recon/Markdown-Bug-Bounty-Recon

A recon Framework for Bug Bounty Hunters that would convert the output of a script into Markdown syntax document, which would help them to make better notes, have everything in one document, or concentrating on one domain.md document.

bug-bounty bugbounty security security-tools

Last synced: 21 Nov 2024

https://github.com/lucasmartinelle/AnotherVulnerableWebApp

bugbounty dvwa php7 security training vulnerabilities vulnerable web

Last synced: 21 Nov 2024

https://github.com/fasalmbt/reconme

Recon tool

automation bugbounty recon recontool

Last synced: 21 Nov 2024

https://github.com/freyxfi/bugrecon

An automated bug hunting tool for comprehensive reconnaissance, including subdomain enumeration, port scanning, vulnerability detection, and report generation.

bugbounty bugbounty-tool bugbountytips bughunting hacktoberfest hacktoberfest-accepted hacktoberfest2024 recon reconnaissance

Last synced: 05 Jan 2025

https://github.com/machine1337/hackguard

FAST WEB APPLICATION VULNERABILITY SCANNER written in python3

bugbounty cybersecurity hacking machine1337 penetration sql-injection vulnerability-detection vulnerability-scanners web-application-fr web-application-scan web-scanning

Last synced: 10 Nov 2024

https://github.com/leakix/leakixclient-python

Python Client to LeakIX API

attack-surface-management bounty bugbounty hacktoberfest infosec leakix osint python redteam security vulnerability

Last synced: 11 Nov 2024

https://github.com/9oelm/atm

A set of AuToMation scripts for hacking.

automation bugbounty hacking infosec script web-hacking

Last synced: 23 Oct 2024

https://github.com/machine1337/lfiscan

A small and fast bash script to automate LFI vulnerability.

bugbounty hacking lfi lfi-exploitation machine1337 shell

Last synced: 10 Nov 2024

https://github.com/terjanq/xss-challenge-solutions

This repository is an interactive collection of my solutions to various XSS challenges.

bugbounty ctf-challenges ctf-writeups javascript xss-challenges

Last synced: 13 Nov 2024

https://github.com/c-f/lel

Visualization layer and helper for relevant IT related documentation and operation

bugbounty documentation-tool golang graph lel logger react redteam-infrastructure

Last synced: 21 Nov 2024

https://github.com/gwen001/shottheworld

PHP tool that takes screenshots of a given ips/ports combo list and then try to guess the service.

bugbounty ips pentesting php ports security-tools socket

Last synced: 09 Nov 2024

https://github.com/indiancybertroops/Web-See

Web-See is Tool For Checkout Status Of Urls in Mass Its For Bug Bounty Hunters And Black Hat Hackers It Will Save Your Valuable Time Script is Designed By Indian Cyber Troops

200 202 301 302 400 404 500 bugbounty bugbountyrecon defacing domain-checker ict icttools indiancybertroops indianhacker status-checker web-see webstatus