Trending repositories for topic bugbountytips

All about bug bounty (bypasses, payloads, and etc)

Collection of methodology and test case for various web vulnerabilities.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

A collection of awesome one-liner scripts especially for bug bounty tips.

𝗖𝗼𝗺𝗽𝗹𝗲𝘁𝗲 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 🎯

A collection of PDF/books about the modern web application security and bug bounty.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Generate tens of thousands of subdomain combinations in a matter of seconds

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

𝗖𝗼𝗺𝗽𝗹𝗲𝘁𝗲 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 🎯

Generate tens of thousands of subdomain combinations in a matter of seconds

All about bug bounty (bypasses, payloads, and etc)

A collection of PDF/books about the modern web application security and bug bounty.

A collection of awesome one-liner scripts especially for bug bounty tips.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

Collection of methodology and test case for various web vulnerabilities.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

All about bug bounty (bypasses, payloads, and etc)

𝗖𝗼𝗺𝗽𝗹𝗲𝘁𝗲 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 🎯

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

Collection of methodology and test case for various web vulnerabilities.

A collection of PDF/books about the modern web application security and bug bounty.

A collection of awesome one-liner scripts especially for bug bounty tips.

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

acunetix-13 install in kali linux

A fast DOM based XSS vulnerability scanner with simplicity.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Asset inventory of over 800 public bug bounty programs.

Tips and Tutorials for Bug Bounty and also Penetration Tests.

OSINT tools and more but without API key

CloudSniffer is a powerful tool designed to aid in the discovery of the real IP address of a website protected by Cloudflare. It leverages brute force techniques by testing a list of IP addresses and ...

🎯 CSV Injection Payloads

Generate tens of thousands of subdomain combinations in a matter of seconds

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

These are my checklists which I use during my hunting.

Some files for bruteforcing certain things.

𝗖𝗼𝗺𝗽𝗹𝗲𝘁𝗲 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 🎯

acunetix-13 install in kali linux

CloudSniffer is a powerful tool designed to aid in the discovery of the real IP address of a website protected by Cloudflare. It leverages brute force techniques by testing a list of IP addresses and ...

A collection of PDF/books about the modern web application security and bug bounty.

🎯 CSV Injection Payloads

Generate tens of thousands of subdomain combinations in a matter of seconds

A collection of awesome one-liner scripts especially for bug bounty tips.

All about bug bounty (bypasses, payloads, and etc)

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

A fast DOM based XSS vulnerability scanner with simplicity.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

Collection of methodology and test case for various web vulnerabilities.

These are my checklists which I use during my hunting.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

OSINT tools and more but without API key

Asset inventory of over 800 public bug bounty programs.

Tips and Tutorials for Bug Bounty and also Penetration Tests.

Some files for bruteforcing certain things.

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

All about bug bounty (bypasses, payloads, and etc)

A collection of PDF/books about the modern web application security and bug bounty.

A collection of awesome one-liner scripts especially for bug bounty tips.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

Collection of methodology and test case for various web vulnerabilities.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Some files for bruteforcing certain things.

𝗖𝗼𝗺𝗽𝗹𝗲𝘁𝗲 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 🎯

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

These are my checklists which I use during my hunting.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

Asset inventory of over 800 public bug bounty programs.

A collection of custom security tools for quick needs.

OSINT tools and more but without API key

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

A fast DOM based XSS vulnerability scanner with simplicity.

𝗖𝗼𝗺𝗽𝗹𝗲𝘁𝗲 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 🎯

acunetix-13 install in kali linux

A curated list of available Bug Bounty & Disclosure Programs and Write-ups.

CloudSniffer is a powerful tool designed to aid in the discovery of the real IP address of a website protected by Cloudflare. It leverages brute force techniques by testing a list of IP addresses and ...

A collection of PDF/books about the modern web application security and bug bounty.

Chrome extension that lists Amazon S3 Buckets while browsing

Cyber Security Notes, Methodology, Resources and Tips

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

These are my checklists which I use during my hunting.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

Some files for bruteforcing certain things.

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

A collection of awesome one-liner scripts especially for bug bounty tips.

A fast DOM based XSS vulnerability scanner with simplicity.

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

OSINT tools and more but without API key

Dump all available paths and/or endpoints on WADL file.

Asset inventory of over 800 public bug bounty programs.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

𝗖𝗼𝗺𝗽𝗹𝗲𝘁𝗲 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 🎯

All about bug bounty (bypasses, payloads, and etc)

Collection of methodology and test case for various web vulnerabilities.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

A collection of PDF/books about the modern web application security and bug bounty.

A collection of awesome one-liner scripts especially for bug bounty tips.

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Asset inventory of over 800 public bug bounty programs.

"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.

Some files for bruteforcing certain things.

OSINT tools and more but without API key

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Tips and Tutorials for Bug Bounty and also Penetration Tests.

A collection of custom security tools for quick needs.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

These are my checklists which I use during my hunting.

acunetix-13 install in kali linux

A tool which helps identifying client-side prototype polluting libraries

PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of ...

CloudSniffer is a powerful tool designed to aid in the discovery of the real IP address of a website protected by Cloudflare. It leverages brute force techniques by testing a list of IP addresses and ...

A collection of PDF/books about the modern web application security and bug bounty.

FourOhMe is a tool for testing HTTP headers on a website in order to try to bypass 40* HTTP codes. Written in Go, so easy to install and fast out of the box.

OWASP BLT is tool with the purpose of making the web a safer place. We have many facets to the project.

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

A curated list of available Bug Bounty & Disclosure Programs and Write-ups.

bash script for automating subdomain enumeration process either passive or active

"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.

Cyber Security Notes, Methodology, Resources and Tips

Asset inventory of over 800 public bug bounty programs.

These are my checklists which I use during my hunting.

Self-hosted passive subdomain continous monitoring tool.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

🚀 A DNS automated scanner and tool 🖱️ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).

A small tool to help developers understand a huge set of security requirements from appsec teams

Rapidly enumerate subdomains and domains using rapiddns.io.