bughuntercat

bughuntercat's Stars

• djadmin/awesome-bug-bounty

  A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

  4.7k918

• roglew/guppy-proxy

  The Guppy Proxy (GUI Pappy)

  Language:Python14418

• Hack-with-Github/Awesome-Hacking

  A collection of various awesome lists for hackers, pentesters and security researchers

  85.5k9k

• juice-shop/juice-shop

  OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

  Language:TypeScript10.5k10.9k

• smlinux/rtl8723de

  Realtek RTL8723DE module for Linux

  Language:C260126

• swisskyrepo/PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  Language:Python61.3k14.7k

• sleuthkit/autopsy

  Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.

  Language:Java2.4k595

• gwen001/BB-datas

  Tools and datas related to Bug Bounty.

  Language:PHP23068

• secdec/attack-surface-detector-zap

  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

  Language:Java6114

• mystech7/Burp-Hunter

  XSS Hunter Burp Plugin

  Language:Java14827

• tomnomnom/hacks

  A collection of hacks and one-off scripts

  Language:Go2.1k640

• LewisArdern/bXSS

  bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

  Language:JavaScript51664

• zaproxy/zaproxy

  The ZAP by Checkmarx Core project

  Language:Java12.7k2.3k

• Fuzzapi/fuzzapi

  Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem

  Language:Ruby632171

• bugcrowd/bugcrowd_university

  Open source education content for the researcher community

  2.6k552

• tarunkant/EndPoint-Finder

  Finds the End-Points in JavaScript files

  Language:Python8823

• rapid7/metasploitable3

  Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.

  Language:HTML4.8k1.1k

• sensepost/gowitness

  🔍 gowitness - a golang, web screenshot utility using Chrome Headless

  Language:Go3.3k351

• secdec/attack-surface-detector-burp

  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

  Language:Java9827

• secfigo/Awesome-Fuzzing

  A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.

  5.3k813

• evilsocket/dirsearch

  A Go implementation of dirsearch.

  Language:Go26970

• wagiro/BurpBounty

  Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

  Language:Java1.7k339

• bjut-hz/E-Books

  IT e-books

  Language:Shell1.6k

• golang/go

  The Go programming language

  Language:Go124k17.7k

• TechBookHunter/Free-Python-Books

  A curated collection of free eBooks about Python

  430342

• projectdiscovery/subfinder

  Fast passive subdomain enumeration tool.

  Language:Go10.3k1.3k

• 1N3/IntruderPayloads

  A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

  Language:BlitzBasic3.7k1.2k

• rinetd/burpsuite

  Language:Shell68

• zaproxy/zap-extensions

  ZAP Add-ons

  Language:HTML840704

• bugcrowd/vulnerability-rating-taxonomy

  Bugcrowd’s baseline priority ratings for common security vulnerabilities

  Language:Python44584