bugbounty-tools
There are 66 repositories under bugbounty-tools topic.
GhostTroops/scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
metlo-labs/metlo
Metlo is an open-source API security platform.
j3ssie/metabigor
OSINT tools and more but without API key
s3c-krd/s3cXSSer
This extension will help you to detect GET/POST based XSS vulnerability in any website easily
ShivamRai2003/Reconky-Automated_Bash_Script
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Alikhalkhali/programs-watcher
A Python script designed to monitor bug bounty programs for any changes and promptly notify users.
e1abrador/sub.Monitor
Self-hosted passive subdomain continous monitoring tool.
edoardottt/secfiles
My useful files for penetration tests, security assessments, bug bounty and other security related stuff
mlcsec/huntsman
Email enumerator, username generator, and context validator for hunter.io, snov.io, and skrapp.io
gilts/wsee
A CDN Domain Fronting Tool or Websocket Discovery written in Python
PatrikFehrenbach/BugBountyBlueprint
A tool offering templates for streamlined bug bounty reporting
Damian89/yataf
yataf extracts secrets and paths from files or urls - its best used against javascript files
Alikhalkhali/active-ip
🕵️♂️🔍 A tool with several scanning techniques that extracts live IP addresses from a list of IP addresses or CIDR notations.
karthi-the-hacker/crlfi
CRLF Bug scanner for WebPentesters and Bugbounty Hunters
BLACK-SCORP10/url-status-checker
Status Checker is a Python tool for swiftly checking the status of URLs. It categorizes responses by HTTP status codes, offering clear insights into website health. With async requests, color-coded output, and easy CLI usage, it's a handy solution for monitoring web service performance.
karthi-the-hacker/Gh0stR3c0n
All in one web Recon app
xcapri/dProgBb
Detect Program Bug Bounty
securi3ytalent/bug-bounty-tips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Online tips and explain the commands, for the better understanding of new hunters..
imhego/HEGO-Wiki
HEGO Hunting Wiki | Offensive Cybersecurity Checklist
d3mondev/crossjoin
Generate a cross join, also known as a Cartesian product, from the lines of the specified files. This process is useful for creating fuzzing payloads.
ReverseTEN/NucProbe
Automate Nuclei scans and streamline bug hunting workflows
imhego/pointer
Pointer is a Fast Simple Lightweight Tool for Endpoint Discovery.
shubhdhungana/Bug-Bounty-Ultimate-Tools
Ultimate List Of Bug Bounty Tools
securi3ytalent/JS_waybackurls
Fetch all the URLs that the Wayback Machine knows about for a domain
TariqullslamHridoy/Subdisco.finder
Subdisco finder is a tool designed in java and uses Open-source intelligence (OSINT) in order to enumerate subdomains of websites
karthi-the-hacker/subsleuth
Subsleuth is a powerful subdomain bruteforcing for bug bounty hunters and penetration testers to discover subdomains and enhance their web security testing.
sujayadkesar/web-dork
In the context of web application penetration testing, Google Dorks can be used to find vulnerabilities and sensitive information in websites. This involves searching for specific keywords or file types that can indicate the presence of vulnerabilities or sensitive information, such as login pages, database files, and backups.
Cappricio-Securities/citrix-netscaler-memory-leak
Citrix Netscaler ADC & Gateway v13.1-50.23 - Out-Of-Bounds Memory Read
Cappricio-Securities/CVE-2000-0114
Microsoft FrontPage Extensions Check (shtml.dll)
Cappricio-Securities/shell-history-leaks
This tool is used to find shell history leaking
ipk1/ScanCrawlSecret
A tool using mass, naabu,httpx subfinder,chaos,uncover,asnmap,shuffledns and dns search to enumerate subdomains for a given domain ,
Qyfashae/Bug_Bounty_Scripts
My private bug bounty scripts i have written under the years for real time projects within bug bounty hunting and penetration testing(red team).
ReverseTEN/subtracker
Gain the edge in hidden subdomain discovery with Subtracker.
securi3ytalent/bug-bounty-tools
bug bounty tools list
securi3ytalent/JS_domainToIP
Domain TO IP Convert
TheFellowHacker/webseek
WebSeek is a content discovery script written in Bash, designed to automate the process of gathering URLs and identifying potential vulnerabilities from a specified domain or list of subdomains.