Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for bugbountytips
bugbountytips
x
81 search results found
Howtohunt
⭐
5,137
Collection of methodology and test case for various web vulnerabilities.
Allaboutbugbounty
⭐
4,793
All about bug bounty (bypasses, payloads, and etc)
Awesome Bugbounty Writeups
⭐
3,839
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Webhackersweapons
⭐
3,555
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Pentest Tools
⭐
2,652
A collection of custom security tools for quick needs.
Awesome Oneliner Bugbounty
⭐
2,201
A collection of awesome one-liner scripts especially for bug bounty tips.
31 Days Of Api Security Tips
⭐
2,006
This challenge is Inon Shkedy's 31 days API Security Tips.
Dictionary Of Pentesting
⭐
1,612
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Top25 Parameter
⭐
1,311
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Galaxy Bugbounty Checklist
⭐
1,133
Tips and Tutorials for Bug Bounty and also Penetration Tests.
Api Securityempire
⭐
1,089
API Security Project aims to present unique attack & defense methods in API Security field
Metabigor
⭐
1,087
OSINT tools and more but without API ke
Inventory
⭐
1,019
Asset inventory of over 800 public bug bounty programs.
Learn365
⭐
1,006
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
Holytips
⭐
928
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Massive Web Application Penetration Testing Bug Bounty Notes
⭐
877
Xspear
⭐
848
Powerfull XSS Scanning and Parameter analysis tool&gem
Garud
⭐
694
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Can I Take Over Dns
⭐
692
"Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones
Mobilehackersweapons
⭐
586
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
Findom Xss
⭐
487
A fast DOM based XSS vulnerability scanner with simplicity.
Bigbountyrecon
⭐
471
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Ssti Payloads
⭐
465
🎯 Server Side Template Injection Payloads
Ppfuzz
⭐
460
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
Bug Bounty Methodology
⭐
438
These are my checklists which I use during my hunting.
Missing Cve Nuclei Templates
⭐
249
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
Bugbounty_cheatsheet
⭐
211
BugBounty_CheatSheet
Subrake
⭐
211
🚀 A DNS automated scanner and tool 🖱️ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).
Learn365
⭐
207
This repository is about @AnubhavSingh_'s 365 days of Learning Tweets collection.
Mksub
⭐
204
Generate tens of thousands of subdomain combinations in a matter of seconds
Cf Check
⭐
202
CloudFlare Checker written in Go
Bbrecon
⭐
179
Python library and CLI for the Bug Bounty Recon API
Mkpath
⭐
154
Make URL path combinations using a wordlist
Scriptkiddi3
⭐
141
Streamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script and open source tools.
Csv Injection Payloads
⭐
133
🎯 CSV Injection Payloads
Taie Bugbounty Killer
⭐
128
挖掘国内外漏洞平台必备的自动化捡钱赏金技巧,看了并去做了捡钱如喝水。
Nerdbug
⭐
125
Full Nuclei automation script with logic explanation.
Sub.monitor
⭐
117
Passive subdomain continous monitoring tool.
Insiders
⭐
111
Archive of Potential Insider Threats
Hack Pet
⭐
91
🐰 Managing command snippets for hackers/bug bounty hunters. with pet.
S8cn8tes
⭐
91
Cyber Security Notes, Methodology, Resources and Tips
Passdetective
⭐
85
PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of sensitive information in your command history.
Cve 2022 0337 Poc Google Chrome Microsoft Edge Opera
⭐
79
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337
Wadl Dumper
⭐
67
Dump all available paths and/or endpoints on WADL file.
Bugbountytips
⭐
62
Webapp to search tips on Twitter through #bugbountytips
Rad Team Tools
⭐
58
赏金技巧|红队|RedTeam|信息侦查|漏洞挖掘
Ssti Xss Finder
⭐
53
XSS Finder Via SSTI
Sqli Postgres Rce Privesc Hacking Playground
⭐
52
Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.
Bounty Targets Alert
⭐
48
It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.
S3bucketlist
⭐
41
Chrome extension that lists Amazon S3 Buckets while browsing
Cve 2023 36845
⭐
39
Juniper Firewalls CVE-2023-36845 - RCE
Burp Encode Ip
⭐
39
Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.
Bug Bounty Writeups
⭐
38
A curated list of available Bug Bounty & Disclosure Programs and Write-ups.
Agnee
⭐
37
Find sensitive information using dorks from different search-engines.
Grapx
⭐
33
grapX will iterate through the URLs and grep the endpoints with all possible extensions.
Membi
⭐
32
All the members of bugbounty and infosec. If you don't know who to follow, see!
Hydrarecon
⭐
28
All In One, Fast, Easy Recon Tool
Dprogbb
⭐
27
Detect Program Bug Bounty
Deaddns
⭐
25
DNS hijacking via dead records automation tool
Security Requirements Generator
⭐
23
A small tool to help developers understand a huge set of security requirements from appsec teams
Learn365
⭐
23
This repository contains all of the resources and materials of @bhavesharmalkar's Learn365 series, including links to articles, videos, and other learning resources.
Gh0str3c0n
⭐
23
All in one web Recon app
Wdir
⭐
21
Good resources about web security that I have read.
Bug Bounty Dorks
⭐
19
Bug Bounty Dorks
Ppfang
⭐
17
A tool which helps identifying client-side prototype polluting libraries
Cve 2022 44268
⭐
17
CVE-2022-44268 ImageMagick Arbitrary File Read - Proof of Concept exploit
Oneliners
⭐
16
bug bounty tips, methodology and one liners explained
Zwatcher
⭐
14
"zwatcher is a lightweight bash script for monitoring sub/domains or a list of sub/domains and javascript files. It compares HTTP status codes and content length to detect changes and notifies the user when any modifications occur. Easily keep track of your domains' health and security with zwatcher."
Proxylist
⭐
14
List of continuously updated proxy servers
Archer
⭐
13
A tool to check for response status codes with ease
Scripts
⭐
13
Handy scripts and one-liners to make life easier
Hego Wiki
⭐
12
HEGO Hunting Wiki | Offensive Cybersecurity Checklist
Pointer
⭐
11
Pointer is a Fast Simple Lightweight Tool for Endpoint Discovery.
Infosec Tips
⭐
9
Infosec writeups, Bug bounty tips, Tweets & Many more that are picked from around the world || I personally use it || I try to mend it daily. So, stay tuned and learn something
Bug Bounty Tips
⭐
8
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Online tips and explain the commands, for the better understanding of new hunters..
Digit
⭐
8
Extract endpoints from specific Git repository for fuzzing
Bounty Notes
⭐
6
My bug bounty notes
Hostinject
⭐
5
hostinject (Host Header Injection) Tool is a Python script that allows you to perform host header injection vulnerability testing on a target URL or a list of URLs. It injects various header values and checks for potential vulnerabilities.
Bug Bounty Testing Essential Guideline Startup Bug Hunters
⭐
5
Bug Bounty Testing Essential Guideline : Startup Bug Hunters
Rapiddns
⭐
5
Rapidly enumerate subdomains and domains using rapiddns.io.
Shopifytakeover
⭐
5
Just Another Shopify Subdomain Takeover Tool
1-81 of 81 search results
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.