בס״ד
⫷ HacKingPro ⫸
⫷ TryHackMe | KoTH ⫸
⫷ Privilege-Escalation⫸
⫷ ScanPro | Linfo | Diablo ⫸
⫷ Offensive-Security | PenTest ⫸
⫷ Goals | Studies | HacKing | AnyTeam ⫸
-
-
A comprehensive curated list of Bug Bounty Programs and write-ups from the Bug Bounty hunters.
-
-
-
Hacking-Books Here Are Some Popular Hacking PDF
-
The Threat Hunter Playbook ~ The Threat Hunter Playbook
The Threat Hunter Playbook is a community-driven, open source project to share detection logic, adversary tradecraft and resources to make detection development more efficient. All the detection documents in this project follow the structure of MITRE ATT&CK categorizing post-compromise adversary behavior in tactical groups and are available in the form of interactive notebooks. The use of notebooks not only allow us to share text, queries and expected output, but also code to help others run detection logic against pre-recorded security datasets locally or remotely through BinderHub cloud computing environments.
-
-
A list of interesting payloads, tips and tricks for bug bounty hunters.
Here are some of the tools that we use when we perform Live Recon Passive ONLY on Twitch:
- Recon-ng https://github.com/lanmaster53/recon-ng
- httpx https://github.com/projectdiscovery/httpx
- isup.sh https://github.com/gitnepal/isup
- Arjun https://github.com/s0md3v/Arjun
- jSQL https://github.com/ron190/jsql-injection
- Smuggler https://github.com/defparam/smuggler
- Sn1per https://github.com/1N3/Sn1per
- Spiderfoot https://github.com/smicallef/spiderfoot
- Nuclei https://github.com/projectdiscovery/nuclei
- Jaeles https://github.com/jaeles-project/jaeles
- ChopChop https://github.com/michelin/ChopChop
- Inception https://github.com/proabiral/inception
- Eyewitness https://github.com/FortyNorthSecurity/EyeWitness
- Meg https://github.com/tomnomnom/meg
- Gau - Get All Urls https://github.com/lc/gau
- Snallygaster https://github.com/hannob/snallygaster
- NMAP https://github.com/nmap/nmap
- Waybackurls https://github.com/tomnomnom/waybackurls
- Gotty https://github.com/yudai/gotty
- GF https://github.com/tomnomnom/gf
- GF Patterns https://github.com/1ndianl33t/Gf-Patterns
- Paramspider https://github.com/devanshbatham/ParamSpider
- XSSER https://github.com/epsylon/xsser
- UPDOG https://github.com/sc0tfree/updog
- JSScanner https://github.com/dark-warlord14/JSScanner
- Takeover https://github.com/m4ll0k/takeover
- Keyhacks https://github.com/streaak/keyhacks
- S3 Bucket AIO Pwn https://github.com/blackhatethicalhacking/s3-buckets-aio-pwn
- BHEH Sub Pwner Recon https://github.com/blackhatethicalhacking/bheh-sub-pwner
- GitLeaks https://github.com/zricethezav/gitleaks
- Domain-2IP-Converter https://github.com/blackhatethicalhacking/Domain2IP-Converter
- Dalfox https://github.com/hahwul/dalfox
- Log4j Scanner https://github.com/Black-Hat-Ethical-Hacking/log4j-scan
- Osmedeus https://github.com/j3ssie/osmedeus
- getJS https://github.com/003random/getJS
-
A Powerfull BUG HUNTING TOOL. Supports SQL, XSS, PHP code execution, SSRF,.... I had Appended My Own Payloads which I had founded during my BUG Hunting Rest You can add Your CUSTOM payloads too ;)
-
Bug-Bounty-Tools: Random Tools for Bug Bounty
-
-
It is similar to the recon_profile, but it uses the pet. pet can manage the command set more progressively.
-
A curated list of Capture The Flag (CTF) frameworks, libraries, resources and softwares.
-
If you have questions or suggestions, don't hesitate to contact me on twitter (https://twitter.com/_sehno_)
-
-
-
-
-
Python Script for Telegram Bot is specially built for pentest & bug bounty. It's like a telegram shell.
You will be notified when your task(command line) is finished with results. This bot make long time tasks by you, taking off the need of your attention if it's finished.
-
-
-
FuzzDB was created to increase the likelihood of finding application security vulnerabilities through dynamic application security testing. It's the first and most comprehensive open dictionary of fault injection patterns, predictable resource locations, and regex for matching server responses.
-
A set of tools for making life easier with wordlists
-
related to web application security assessments and more specifically towards bug hunting in bug bounties.
-
Tips and Tutorials for Bug Bounty and also Penetration Tests.
-
Tutorials and Things to Do while Hunting Vulnerability.
-
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
-
All about bug bounty (bypasses, payloads, and etc)
-
-
-
###A list of resources for those interested in getting started in bug bounties