bugbountytips

There are 163 repositories under bugbountytips topic.

KathanP19/HowToHunt
Collection of methodology and test case for various web vulnerabilities.
6.1k 276 181.7k
daffainfo/AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
5.9k 171 61.1k
devanshbatham/Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Language:Python4.7k 242 171k
hahwul/WebHackersWeapons
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Language:Ruby3.9k 130 31678
gwen001/pentest-tools
A collection of custom security tools for quick needs.
Language:Python3.2k 109 13791
dwisiswant0/awesome-oneliner-bugbounty
A collection of awesome one-liner scripts especially for bug bounty tips.
2.7k 79 18578
inonshk/31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
2.1k 63 2332
insightglacier/Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Language:Shell1.9k 47 2355
HolyBugx/HolyTips
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
1.8k 76 4301
lutfumertceylan/top25-parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
1.7k 44 5271
harsh-bothra/learn365
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
1.6k 112 3393
0xmaximus/Galaxy-Bugbounty-Checklist
Tips and Tutorials for Bug Bounty and also Penetration Tests.
1.4k 31 3344
Cyber-Guy1/API-SecurityEmpire
API Security Project aims to present unique attack & defense methods in API Security field
1.4k 34 0245
xalgord/Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes
A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.
1.3k 24 10204
trickest/inventory
Asset inventory of over 800 public bug bounty programs.
Language:Shell1.3k 52 7225
j3ssie/metabigor
OSINT tools and more but without API key
Language:Go1.3k 24 24168
Viralmaniar/BigBountyRecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Language:C#1.2k 38 8243
hahwul/XSpear
🔱 Powerfull XSS Scanning and Parameter analysis tool&gem
Language:Ruby1.2k 46 70226
random-robbie/bruteforce-lists
Some files for bruteforcing certain things.
1.2k 35 3358
akr3ch/BugBountyBooks
A collection of PDF/books about the modern web application security and bug bounty.
1.1k 30 0313
indianajson/can-i-take-over-dns
"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.
989 32 3093
R0X4R/Garud
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Language:Shell778 17 38178
dwisiswant0/findom-xss
A fast DOM based XSS vulnerability scanner with simplicity.
Language:Shell771 26 10111
hahwul/MobileHackersWeapons
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
Language:Go765 47 5125
payloadbox/ssti-payloads
🎯 Server Side Template Injection Payloads
602 10 1130
dwisiswant0/ppfuzz
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
Language:Rust590 7 2254
tuhin1729/Bug-Bounty-Methodology
These are my checklists which I use during my hunting.
Language:HTML576 19 079
taielab/Taie-Bugbounty-killer
挖掘国内外漏洞平台必备的自动化捡钱赏金技巧，看了并去做了捡钱如喝水。
408 12 233
edoardottt/missing-cve-nuclei-templates
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
Language:Shell338 11 739
Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337
Language:HTML328 6 134
hash3liZer/Subrake
🚀 A DNS automated scanner and tool 🖱️ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).
Language:CSS292 14 664
trickest/mksub
Generate tens of thousands of subdomain combinations in a matter of seconds
Language:Go254 5 422
Neelakandan-A/BugBounty_CheatSheet
BugBounty_CheatSheet
248 6 154
iamthefrogy/nerdbug
Full Nuclei automation script with logic explanation.
Language:Shell237 6 362
dn0m1n8tor/learn365
This repository is about @AnubhavSingh_'s 365 days of Learning Tweets collection.
230 17 038
dwisiswant0/cf-check
CloudFlare Checker written in Go
Language:Go226 2 1042

bugbountytips

KathanP19/HowToHunt

daffainfo/AllAboutBugBounty

devanshbatham/Awesome-Bugbounty-Writeups

hahwul/WebHackersWeapons

gwen001/pentest-tools

dwisiswant0/awesome-oneliner-bugbounty

inonshk/31-days-of-API-Security-Tips

insightglacier/Dictionary-Of-Pentesting

HolyBugx/HolyTips

lutfumertceylan/top25-parameter

harsh-bothra/learn365

0xmaximus/Galaxy-Bugbounty-Checklist

Cyber-Guy1/API-SecurityEmpire

xalgord/Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes

trickest/inventory

j3ssie/metabigor

Viralmaniar/BigBountyRecon

hahwul/XSpear

random-robbie/bruteforce-lists

akr3ch/BugBountyBooks

indianajson/can-i-take-over-dns

R0X4R/Garud

dwisiswant0/findom-xss

hahwul/MobileHackersWeapons

payloadbox/ssti-payloads

dwisiswant0/ppfuzz

tuhin1729/Bug-Bounty-Methodology

taielab/Taie-Bugbounty-killer

edoardottt/missing-cve-nuclei-templates

Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera

hash3liZer/Subrake

trickest/mksub

Neelakandan-A/BugBounty_CheatSheet

iamthefrogy/nerdbug

dn0m1n8tor/learn365

dwisiswant0/cf-check