Trending repositories for topic bugbountytips

All about bug bounty (bypasses, payloads, and etc)

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Some files for bruteforcing certain things.

OSINT tools and more but without API key

Collection of methodology and test case for various web vulnerabilities.

A collection of PDF/books about the modern web application security and bug bounty.

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

All about bug bounty (bypasses, payloads, and etc)

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Some files for bruteforcing certain things.

OSINT tools and more but without API key

A collection of PDF/books about the modern web application security and bug bounty.

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Collection of methodology and test case for various web vulnerabilities.

All about bug bounty (bypasses, payloads, and etc)

Collection of methodology and test case for various web vulnerabilities.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

A collection of PDF/books about the modern web application security and bug bounty.

Some files for bruteforcing certain things.

"Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones

OSINT tools and more but without API key

A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

A collection of awesome one-liner scripts especially for bug bounty tips.

A collection of custom security tools for quick needs.

OWASP BLT is a bug logging tool to report issues and get points, companies are held accountable.

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

These are my checklists which I use during my hunting.

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

OWASP BLT is a bug logging tool to report issues and get points, companies are held accountable.

A collection of PDF/books about the modern web application security and bug bounty.

Some files for bruteforcing certain things.

All about bug bounty (bypasses, payloads, and etc)

"Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

OSINT tools and more but without API key

These are my checklists which I use during my hunting.

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

Collection of methodology and test case for various web vulnerabilities.

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

A collection of awesome one-liner scripts especially for bug bounty tips.

A collection of custom security tools for quick needs.

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

All about bug bounty (bypasses, payloads, and etc)

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

A collection of PDF/books about the modern web application security and bug bounty.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Collection of methodology and test case for various web vulnerabilities.

A collection of awesome one-liner scripts especially for bug bounty tips.

Some files for bruteforcing certain things.

A collection of custom security tools for quick needs.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

No description

Tips and Tutorials for Bug Bounty and also Penetration Tests.

OSINT tools and more but without API key

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Asset inventory of over 800 public bug bounty programs.

"Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

These are my checklists which I use during my hunting.

Handy scripts and one-liners to make life easier

A collection of PDF/books about the modern web application security and bug bounty.

Cyber Security Notes, Methodology, Resources and Tips

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

OWASP BLT is a bug logging tool to report issues and get points, companies are held accountable.

Some files for bruteforcing certain things.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

These are my checklists which I use during my hunting.

PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of ...

"Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones

Chrome extension that lists Amazon S3 Buckets while browsing

No description

OSINT tools and more but without API key

BugBounty_CheatSheet

Asset inventory of over 800 public bug bounty programs.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

Tips and Tutorials for Bug Bounty and also Penetration Tests.

Find sensitive information using dorks from different search-engines.

A collection of awesome one-liner scripts especially for bug bounty tips.

A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of ...

Juniper Firewalls CVE-2023-36845 - RCE

Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.

All about bug bounty (bypasses, payloads, and etc)

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

Collection of methodology and test case for various web vulnerabilities.

No description

A collection of PDF/books about the modern web application security and bug bounty.

A collection of awesome one-liner scripts especially for bug bounty tips.

Asset inventory of over 800 public bug bounty programs.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

OSINT tools and more but without API key

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

A collection of custom security tools for quick needs.

Tips and Tutorials for Bug Bounty and also Penetration Tests.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Some files for bruteforcing certain things.

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

Self-hosted passive subdomain continous monitoring tool.

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

API Security Project aims to present unique attack & defense methods in API Security field

PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of ...

CloudSniffer is a powerful tool designed to aid in the discovery of the real IP address of a website protected by Cloudflare. It leverages brute force techniques by testing a list of IP addresses and ...

A tool which helps identifying client-side prototype polluting libraries

A collection of PDF/books about the modern web application security and bug bounty.

No description

OWASP BLT is a bug logging tool to report issues and get points, companies are held accountable.

赏金技巧|红队|RedTeam|信息侦查|漏洞挖掘

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

Asset inventory of over 800 public bug bounty programs.

A curated list of available Bug Bounty & Disclosure Programs and Write-ups.

All in one web Recon app

Cyber Security Notes, Methodology, Resources and Tips

🚀 A DNS automated scanner and tool 🖱️ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).

Find sensitive information using dorks from different search-engines.

Chrome extension that lists Amazon S3 Buckets while browsing

All about bug bounty (bypasses, payloads, and etc)

Archive of Potential Insider Threats

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

🎯 CSV Injection Payloads

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting