bugbounty-tools

There are 66 repositories under bugbounty-tools topic.

  • GhostTroops/scan4all

    Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

    Language:Go5.4k64107654

  • metlo-labs/metlo

    Metlo is an open-source API security platform.

    Language:TypeScript1.6k153291
  • metabigor

    j3ssie/metabigor

    OSINT tools and more but without API key

    Language:Go1.2k2424168

  • s3c-krd/s3cXSSer

    This extension will help you to detect GET/POST based XSS vulnerability in any website easily

    Language:JavaScript2356633

  • ShivamRai2003/Reconky-Automated_Bash_Script

    Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

    Language:Shell1949240

  • Alikhalkhali/programs-watcher

    A Python script designed to monitor bug bounty programs for any changes and promptly notify users.

    Language:Python1646531

  • e1abrador/sub.Monitor

    Self-hosted passive subdomain continous monitoring tool.

    Language:Python1553416

  • edoardottt/secfiles

    My useful files for penetration tests, security assessments, bug bounty and other security related stuff

    Language:Shell1378115

  • mlcsec/huntsman

    Email enumerator, username generator, and context validator for hunter.io, snov.io, and skrapp.io

    Language:Python71102

  • gilts/wsee

    A CDN Domain Fronting Tool or Websocket Discovery written in Python

    Language:Python535812

  • PatrikFehrenbach/BugBountyBlueprint

    A tool offering templates for streamlined bug bounty reporting

    Language:Vue53317

  • Damian89/yataf

    yataf extracts secrets and paths from files or urls - its best used against javascript files

    Language:Go51308

  • Alikhalkhali/active-ip

    🕵️‍♂️🔍 A tool with several scanning techniques that extracts live IP addresses from a list of IP addresses or CIDR notations.

    Language:Go471011
  • crlfi

    karthi-the-hacker/crlfi

    CRLF Bug scanner for WebPentesters and Bugbounty Hunters

    Language:JavaScript40217

  • BLACK-SCORP10/url-status-checker

    Status Checker is a Python tool for swiftly checking the status of URLs. It categorizes responses by HTTP status codes, offering clear insights into website health. With async requests, color-coded output, and easy CLI usage, it's a handy solution for monitoring web service performance.

    Language:Python37109

  • karthi-the-hacker/Gh0stR3c0n

    All in one web Recon app

    Language:HTML372115
  • dProgBb

    xcapri/dProgBb

    Detect Program Bug Bounty

    Language:Python353113

  • securi3ytalent/bug-bounty-tips

    Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Online tips and explain the commands, for the better understanding of new hunters..

    Language:Python21109

  • imhego/HEGO-Wiki

    HEGO Hunting Wiki | Offensive Cybersecurity Checklist

    19101

  • d3mondev/crossjoin

    Generate a cross join, also known as a Cartesian product, from the lines of the specified files. This process is useful for creating fuzzing payloads.

    Language:Go16102

  • ReverseTEN/NucProbe

    Automate Nuclei scans and streamline bug hunting workflows

    Language:Shell16113

  • imhego/pointer

    Pointer is a Fast Simple Lightweight Tool for Endpoint Discovery.

    Language:Shell13101

  • shubhdhungana/Bug-Bounty-Ultimate-Tools

    Ultimate List Of Bug Bounty Tools

    7102

  • securi3ytalent/JS_waybackurls

    Fetch all the URLs that the Wayback Machine knows about for a domain

    Language:JavaScript6102

  • TariqullslamHridoy/Subdisco.finder

    Subdisco finder is a tool designed in java and uses Open-source intelligence (OSINT) in order to enumerate subdomains of websites

    Language:Java5100

  • karthi-the-hacker/subsleuth

    Subsleuth is a powerful subdomain bruteforcing for bug bounty hunters and penetration testers to discover subdomains and enhance their web security testing.

    Language:JavaScript4104

  • sujayadkesar/web-dork

    In the context of web application penetration testing, Google Dorks can be used to find vulnerabilities and sensitive information in websites. This involves searching for specific keywords or file types that can indicate the presence of vulnerabilities or sensitive information, such as login pages, database files, and backups.

    Language:HTML4202

  • Cappricio-Securities/citrix-netscaler-memory-leak

    Citrix Netscaler ADC & Gateway v13.1-50.23 - Out-Of-Bounds Memory Read

    Language:Python2000

  • Cappricio-Securities/CVE-2000-0114

    Microsoft FrontPage Extensions Check (shtml.dll)

    Language:Python200

  • Cappricio-Securities/shell-history-leaks

    This tool is used to find shell history leaking

    Language:Python2000

  • ipk1/ScanCrawlSecret

    A tool using mass, naabu,httpx subfinder,chaos,uncover,asnmap,shuffledns and dns search to enumerate subdomains for a given domain ,

    Language:Shell2101

  • Qyfashae/Bug_Bounty_Scripts

    My private bug bounty scripts i have written under the years for real time projects within bug bounty hunting and penetration testing(red team).

    Language:JavaScript2100

  • ReverseTEN/subtracker

    Gain the edge in hidden subdomain discovery with Subtracker.

    Language:Shell2100

  • securi3ytalent/bug-bounty-tools

    bug bounty tools list

    2100

  • securi3ytalent/JS_domainToIP

    Domain TO IP Convert

    Language:JavaScript210

  • TheFellowHacker/webseek

    WebSeek is a content discovery script written in Bash, designed to automate the process of gathering URLs and identifying potential vulnerabilities from a specified domain or list of subdomains.

    Language:Shell210