bugbounty

There are 2002 repositories under bugbounty topic.

swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Language:Python61.5k 1.8k 014.7k
maurosoria/dirsearch
Web path scanner
Language:Python12.2k 308 5472.3k
nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
10.8k 571 271.9k
projectdiscovery/subfinder
Fast passive subdomain enumeration tool.
Language:Go10.3k 155 4591.3k
projectdiscovery/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Language:JavaScript9.3k 194 1.5k2.6k
shmilylty/OneForAll
OneForAll是一款功能强大的子域收集工具
Language:Python8.4k 102 3251.3k
edoardottt/awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Language:Shell7.8k 121 116747
projectdiscovery/httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
Language:Go7.8k 80 635844
yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
Language:HTML7.5k 141 8671.1k
OWASP/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Language:Dockerfile7.3k 338 3461.3k
blacklanternsecurity/bbot
A recursive internet scanner for hackers.
Language:Python6.6k 59 868505
payloadbox/xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
6.4k 136 121.7k
KathanP19/HowToHunt
Collection of methodology and test case for various web vulnerabilities.
6.1k 276 181.7k
dstotijn/hetty
An HTTP toolkit for security research.
Language:Go6.1k 110 41351
EdOverflow/bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
5.9k 240 51.6k
daffainfo/AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
5.9k 171 61.1k
six2dez/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Language:Shell5.7k 108 456924
ihebski/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Language:Python5.7k 88 16700
GhostTroops/scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
Language:Go5.5k 65 107659
j3ssie/osmedeus
A Workflow Engine for Offensive Security
Language:Go5.3k 133 226878
payloadbox/sql-injection-payload-list
🎯 SQL Injection Payload List
5k 92 71.2k
dwisiswant0/apkleaks
Scanning APK file for URIs, endpoints & secrets.
Language:Python5k 79 64495
EdOverflow/can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Language:Python4.9k 127 239716
devanshbatham/Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Language:Python4.7k 242 171k
commixproject/commix
Automated All-in-One OS Command Injection Exploitation Tool.
Language:Python4.6k 158 936819
hakluke/hakrawler
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
Language:Go4.5k 61 105497
vavkamil/awesome-bugbounty-tools
A curated list of various bug bounty tools
4.3k 94 15686
reddelexc/hackerone-reports
Top disclosed reports from HackerOne
Language:Python3.9k 147 10721
hahwul/WebHackersWeapons
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Language:Ruby3.9k 130 31678
hahwul/dalfox
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
Language:Go3.8k 55 308423
1N3/IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Language:BlitzBasic3.7k 168 131.2k
projectdiscovery/interactsh
An OOB interaction gathering server and client library
Language:Go3.5k 41 190367
Findomain/Findomain
The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.
Language:Rust3.3k 59 160369
antonio-morales/Fuzzing101
An step by step fuzzing tutorial. A GitHub Security Lab initiative
3.2k 56 23341
gwen001/pentest-tools
A collection of custom security tools for quick needs.
Language:Python3.2k 109 13791
vaib25vicky/awesome-mobile-security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
3k 110 4345