Trending repositories for topic bugbountytips
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Collection of methodology and test case for various web vulnerabilities.
A collection of awesome one-liner scripts especially for bug bounty tips.
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
A collection of PDF/books about the modern web application security and bug bounty.
A fast DOM based XSS vulnerability scanner with simplicity.
"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
A collection of PDF/books about the modern web application security and bug bounty.
A fast DOM based XSS vulnerability scanner with simplicity.
A collection of awesome one-liner scripts especially for bug bounty tips.
"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.
Collection of methodology and test case for various web vulnerabilities.
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Collection of methodology and test case for various web vulnerabilities.
A collection of awesome one-liner scripts especially for bug bounty tips.
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
A collection of PDF/books about the modern web application security and bug bounty.
A fast DOM based XSS vulnerability scanner with simplicity.
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.
API Security Project aims to present unique attack & defense methods in API Security field
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
A fast DOM based XSS vulnerability scanner with simplicity.
A collection of PDF/books about the modern web application security and bug bounty.
A collection of awesome one-liner scripts especially for bug bounty tips.
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Collection of methodology and test case for various web vulnerabilities.
"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
API Security Project aims to present unique attack & defense methods in API Security field
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
A collection of awesome one-liner scripts especially for bug bounty tips.
Collection of methodology and test case for various web vulnerabilities.
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.
A collection of PDF/books about the modern web application security and bug bounty.
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
A fast DOM based XSS vulnerability scanner with simplicity.
Tips and Tutorials for Bug Bounty and also Penetration Tests.
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.
bash script for automating subdomain enumeration process either passive or active
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
A collection of PDF/books about the modern web application security and bug bounty.
A collection of awesome one-liner scripts especially for bug bounty tips.
CloudSniffer is a powerful tool designed to aid in the discovery of the real IP address of a website protected by Cloudflare. It leverages brute force techniques by testing a list of IP addresses and ...
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Streamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script and open source tools.
A fast DOM based XSS vulnerability scanner with simplicity.
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Collection of methodology and test case for various web vulnerabilities.
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
A collection of PDF/books about the modern web application security and bug bounty.
A collection of awesome one-liner scripts especially for bug bounty tips.
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Tips and Tutorials for Bug Bounty and also Penetration Tests.
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
CloudSniffer is a powerful tool designed to aid in the discovery of the real IP address of a website protected by Cloudflare. It leverages brute force techniques by testing a list of IP addresses and ...
A tool which helps identifying client-side prototype polluting libraries
PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of ...
A collection of PDF/books about the modern web application security and bug bounty.
OWASP BLT is a bug logging tool to report issues and get points, organizations are held accountable.
FourOhMe is a tool for testing HTTP headers on a website in order to try to bypass 40* HTTP codes. Written in Go, so easy to install and fast out of the box.
Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
bash script for automating subdomain enumeration process either passive or active
"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.
🚀 A DNS automated scanner and tool 🖱️ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).
A curated list of available Bug Bounty & Disclosure Programs and Write-ups.