bugbountytips
There are 147 repositories under bugbountytips topic.
KathanP19/HowToHunt
Collection of methodology and test case for various web vulnerabilities.
daffainfo/AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
devanshbatham/Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
hahwul/WebHackersWeapons
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
gwen001/pentest-tools
A collection of custom security tools for quick needs.
dwisiswant0/awesome-oneliner-bugbounty
A collection of awesome one-liner scripts especially for bug bounty tips.
inonshk/31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
insightglacier/Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
HolyBugx/HolyTips
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
lutfumertceylan/top25-parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
harsh-bothra/learn365
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
0xmaximus/Galaxy-Bugbounty-Checklist
Tips and Tutorials for Bug Bounty and also Penetration Tests.
Cyber-Guy1/API-SecurityEmpire
API Security Project aims to present unique attack & defense methods in API Security field
j3ssie/metabigor
OSINT tools and more but without API key
Viralmaniar/BigBountyRecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
trickest/inventory
Asset inventory of over 800 public bug bounty programs.
hahwul/XSpear
🔱 Powerfull XSS Scanning and Parameter analysis tool&gem
random-robbie/bruteforce-lists
Some files for bruteforcing certain things.
akr3ch/BugBountyBooks
A collection of PDF/books about the modern web application security and bug bounty.
R0X4R/Garud
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
indianajson/can-i-take-over-dns
"Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones
dwisiswant0/findom-xss
A fast DOM based XSS vulnerability scanner with simplicity.
hahwul/MobileHackersWeapons
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
payloadbox/ssti-payloads
🎯 Server Side Template Injection Payloads
dwisiswant0/ppfuzz
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
tuhin1729/Bug-Bounty-Methodology
These are my checklists which I use during my hunting.
taielab/Taie-Bugbounty-killer
挖掘国内外漏洞平台必备的自动化捡钱赏金技巧,看了并去做了捡钱如喝水。
Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337
edoardottt/missing-cve-nuclei-templates
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
hash3liZer/Subrake
🚀 A DNS automated scanner and tool 🖱️ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).
trickest/mksub
Generate tens of thousands of subdomain combinations in a matter of seconds
Neelakandan-A/BugBounty_CheatSheet
BugBounty_CheatSheet
dn0m1n8tor/learn365
This repository is about @AnubhavSingh_'s 365 days of Learning Tweets collection.
dwisiswant0/cf-check
CloudFlare Checker written in Go
serain/bbrecon
Python library and CLI for the Bug Bounty Recon API