Trending repositories for topic bugbounty-tool
ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer while hunting. It is still under development, so feel free to contr...
AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innovative extension harnesses the power of AI to automate vulnerabi...
This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer while hunting. It is still under development, so feel free to contr...
AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innovative extension harnesses the power of AI to automate vulnerabi...
ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer while hunting. It is still under development, so feel free to contr...
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
A powerful JavaScript monitoring tool for bug bounty hunters. Track changes in JavaScript files across websites, detect new attack surfaces, and stay ahead of security vulnerabilities.
jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vuln...
Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including do...
AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innovative extension harnesses the power of AI to automate vulnerabi...
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer while hunting. It is still under development, so feel free to contr...
A powerful JavaScript monitoring tool for bug bounty hunters. Track changes in JavaScript files across websites, detect new attack surfaces, and stay ahead of security vulnerabilities.
AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innovative extension harnesses the power of AI to automate vulnerabi...
ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vuln...
Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including do...
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
A modular external attack surface mapping tool integrating tools for automated reconnaissance and bug bounty workflows.
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes
JSSCM detects expired domains for Stored XSS exploitation during browsing.
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
A modular external attack surface mapping tool integrating tools for automated reconnaissance and bug bounty workflows.
A curated collection of top-tier penetration testing tools and productivity utilities across multiple domains. Join us to explore, contribute, and enhance your hacking toolkit!
jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vuln...
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Tips and Tutorials for Bug Bounty and also Penetration Tests.
Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including do...
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in ...
Provides public bug bounty programs in-scope data that offer rewards and monitors public bug bounty programs assets.
This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer while hunting. It is still under development, so feel free to contr...
Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
A modular external attack surface mapping tool integrating tools for automated reconnaissance and bug bounty workflows.
JSSCM detects expired domains for Stored XSS exploitation during browsing.
This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer while hunting. It is still under development, so feel free to contr...
Provides public bug bounty programs in-scope data that offer rewards and monitors public bug bounty programs assets.
AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innovative extension harnesses the power of AI to automate vulnerabi...
ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes
jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vuln...
CloudSniffer is a powerful tool designed to aid in the discovery of the real IP address of a website protected by Cloudflare. It leverages brute force techniques by testing a list of IP addresses and ...
A powerful JavaScript monitoring tool for bug bounty hunters. Track changes in JavaScript files across websites, detect new attack surfaces, and stay ahead of security vulnerabilities.
This Is The Ultimate Bug Bounty Automation & Web Hacking Tool That I've Created.
Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
Robofinder retrieves historical #robots.txt files from #Archive.org, allowing you to uncover previously disallowed directories and paths for any domain—essential for deepening your #OSINT and #recon p...
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including do...
A curated collection of top-tier penetration testing tools and productivity utilities across multiple domains. Join us to explore, contribute, and enhance your hacking toolkit!
jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vuln...
A powerful JavaScript monitoring tool for bug bounty hunters. Track changes in JavaScript files across websites, detect new attack surfaces, and stay ahead of security vulnerabilities.
Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attempts
AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innovative extension harnesses the power of AI to automate vulnerabi...
JSSCM detects expired domains for Stored XSS exploitation during browsing.
A modular external attack surface mapping tool integrating tools for automated reconnaissance and bug bounty workflows.
collectvars collects JavaScript variables, highlights risky ones, and helps you understand code structure, while you casually browse.
This is a resource for anyone looking to learn bug hunting and provides guidance during the study and learning phase.
ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vuln...
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in ...
Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including do...
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
TerminatorZ is a highly sophisticated and efficient web security tool that scans for top potential vulnerabilities with known CVEs in your web applications.
Robofinder retrieves historical #robots.txt files from #Archive.org, allowing you to uncover previously disallowed directories and paths for any domain—essential for deepening your #OSINT and #recon p...
Tips and Tutorials for Bug Bounty and also Penetration Tests.
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
A curated collection of top-tier penetration testing tools and productivity utilities across multiple domains. Join us to explore, contribute, and enhance your hacking toolkit!
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer while hunting. It is still under development, so feel free to contr...
Robofinder retrieves historical #robots.txt files from #Archive.org, allowing you to uncover previously disallowed directories and paths for any domain—essential for deepening your #OSINT and #recon p...
A modular external attack surface mapping tool integrating tools for automated reconnaissance and bug bounty workflows.
A powerful JavaScript monitoring tool for bug bounty hunters. Track changes in JavaScript files across websites, detect new attack surfaces, and stay ahead of security vulnerabilities.
collectvars collects JavaScript variables, highlights risky ones, and helps you understand code structure, while you casually browse.
Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attempts
JSSCM detects expired domains for Stored XSS exploitation during browsing.
This is a resource for anyone looking to learn bug hunting and provides guidance during the study and learning phase.
Provides public bug bounty programs in-scope data that offer rewards and monitors public bug bounty programs assets.
TerminatorZ is a highly sophisticated and efficient web security tool that scans for top potential vulnerabilities with known CVEs in your web applications.
This script is used to search for cloud certificate entities such as Amazon, Azure, and others that have been extracted by the kaeferjaeger.gay provider.
This is a useful Python script for extracting bug bounty or any other write-ups from every RSS.
This Is The Ultimate Bug Bounty Automation & Web Hacking Tool That I've Created.
Pentest/Red Team: Resources, repos and scripts.
Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including do...
CloudSniffer is a powerful tool designed to aid in the discovery of the real IP address of a website protected by Cloudflare. It leverages brute force techniques by testing a list of IP addresses and ...