Trending repositories for topic bugbountytips

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

All about bug bounty (bypasses, payloads, and etc)

jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vuln...

Collection of methodology and test case for various web vulnerabilities.

A collection of awesome one-liner scripts especially for bug bounty tips.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

A collection of PDF/books about the modern web application security and bug bounty.

Tips and Tutorials for Bug Bounty and also Penetration Tests.

jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vuln...

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

A collection of awesome one-liner scripts especially for bug bounty tips.

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

All about bug bounty (bypasses, payloads, and etc)

A collection of PDF/books about the modern web application security and bug bounty.

Tips and Tutorials for Bug Bounty and also Penetration Tests.

Collection of methodology and test case for various web vulnerabilities.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vuln...

Collection of methodology and test case for various web vulnerabilities.

𝗖𝗼𝗺𝗽𝗹𝗲𝘁𝗲 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 🎯

All about bug bounty (bypasses, payloads, and etc)

A collection of awesome one-liner scripts especially for bug bounty tips.

A collection of PDF/books about the modern web application security and bug bounty.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

OSINT tools and more but without API key

Some files for bruteforcing certain things.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Tips and Tutorials for Bug Bounty and also Penetration Tests.

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

Generate tens of thousands of subdomain combinations in a matter of seconds

A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.

𝗖𝗼𝗺𝗽𝗹𝗲𝘁𝗲 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 🎯

jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vuln...

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

A collection of PDF/books about the modern web application security and bug bounty.

Generate tens of thousands of subdomain combinations in a matter of seconds

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

OSINT tools and more but without API key

A collection of awesome one-liner scripts especially for bug bounty tips.

Some files for bruteforcing certain things.

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

Collection of methodology and test case for various web vulnerabilities.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Tips and Tutorials for Bug Bounty and also Penetration Tests.

All about bug bounty (bypasses, payloads, and etc)

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vuln...

A collection of PDF/books about the modern web application security and bug bounty.

Collection of methodology and test case for various web vulnerabilities.

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

All about bug bounty (bypasses, payloads, and etc)

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

A collection of awesome one-liner scripts especially for bug bounty tips.

𝗖𝗼𝗺𝗽𝗹𝗲𝘁𝗲 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 🎯

OSINT tools and more but without API key

Some files for bruteforcing certain things.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

Tips and Tutorials for Bug Bounty and also Penetration Tests.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Asset inventory of over 800 public bug bounty programs.

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

API Security Project aims to present unique attack & defense methods in API Security field

🎯 Server Side Template Injection Payloads

jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vuln...

𝗖𝗼𝗺𝗽𝗹𝗲𝘁𝗲 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 🎯

acunetix-13 install in kali linux

A curated list of available Bug Bounty & Disclosure Programs and Write-ups.

A collection of PDF/books about the modern web application security and bug bounty.

Juniper Firewalls CVE-2023-36845 - RCE

Cyber Security Notes, Methodology, Resources and Tips

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

OWASP BLT is tool with the purpose of making the web a safer place. We have many facets to the project.

Detect Program Bug Bounty

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

Archive of Potential Insider Threats

Some files for bruteforcing certain things.

OSINT tools and more but without API key

Webapp to search tips on Twitter through #bugbountytips

🎯 Server Side Template Injection Payloads

All In One, Fast, Easy Recon Tool

Tips and Tutorials for Bug Bounty and also Penetration Tests.

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vuln...

𝗖𝗼𝗺𝗽𝗹𝗲𝘁𝗲 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 🎯

All about bug bounty (bypasses, payloads, and etc)

Collection of methodology and test case for various web vulnerabilities.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

A collection of PDF/books about the modern web application security and bug bounty.

A collection of awesome one-liner scripts especially for bug bounty tips.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

Asset inventory of over 800 public bug bounty programs.

"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.

jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vuln...

Some files for bruteforcing certain things.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

OSINT tools and more but without API key

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

Tips and Tutorials for Bug Bounty and also Penetration Tests.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

A collection of custom security tools for quick needs.

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

acunetix-13 install in kali linux

A tool which helps identifying client-side prototype polluting libraries

CloudSniffer is a powerful tool designed to aid in the discovery of the real IP address of a website protected by Cloudflare. It leverages brute force techniques by testing a list of IP addresses and ...

FourOhMe is a tool for testing HTTP headers on a website in order to try to bypass 40* HTTP codes. Written in Go, so easy to install and fast out of the box.

A collection of PDF/books about the modern web application security and bug bounty.

OWASP BLT is tool with the purpose of making the web a safer place. We have many facets to the project.

A curated list of available Bug Bounty & Disclosure Programs and Write-ups.

Cyber Security Notes, Methodology, Resources and Tips

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.

Asset inventory of over 800 public bug bounty programs.

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of ...

These are my checklists which I use during my hunting.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

bash script for automating subdomain enumeration process either passive or active

Some files for bruteforcing certain things.

Juniper Firewalls CVE-2023-36845 - RCE

A small tool to help developers understand a huge set of security requirements from appsec teams

Rapidly enumerate subdomains and domains using rapiddns.io.