daffainfo / Allaboutbugbounty
All about bug bounty (bypasses, payloads, and etc)
Stars: ✭ 758
Projects that are alternatives of or similar to Allaboutbugbounty
Payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+4241.56%)
Mutual labels: bypass, payloads, bugbounty
Recon Pipeline
An automated target reconnaissance pipeline.
Stars: ✭ 278 (-63.32%)
Mutual labels: reconnaissance, bugbounty
Cloudscraper
CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
Stars: ✭ 276 (-63.59%)
Mutual labels: reconnaissance, bugbounty
Sql Injection Payload List
🎯 SQL Injection Payload List
Stars: ✭ 716 (-5.54%)
Mutual labels: payloads, bugbounty
Android Reports And Resources
A big list of Android Hackerone disclosed reports and other resources.
Stars: ✭ 590 (-22.16%)
Mutual labels: bypass, bugbounty
Megplus
Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Stars: ✭ 268 (-64.64%)
Mutual labels: reconnaissance, bugbounty
Osmedeus
Fully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+347.36%)
Mutual labels: reconnaissance, bugbounty
frida setup
One-click installer for Frida and Burp certs for SSL Pinning bypass
Stars: ✭ 47 (-93.8%)
Mutual labels: bugbounty, reconnaissance
Bugbounty Cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
Stars: ✭ 3,644 (+380.74%)
Mutual labels: payloads, bugbounty
Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-43.67%)
Mutual labels: reconnaissance, bugbounty
quick-recon.py
Do some quick reconnaissance on a domain-based web-application
Stars: ✭ 13 (-98.28%)
Mutual labels: bugbounty, reconnaissance
Recon My Way
This repository created for personal use and added tools from my latest blog post.
Stars: ✭ 271 (-64.25%)
Mutual labels: reconnaissance, bugbounty
targets
A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
Stars: ✭ 85 (-88.79%)
Mutual labels: bugbounty, reconnaissance
Lazyrecon
An automated approach to performing recon for bug bounty hunting and penetration testing.
Stars: ✭ 282 (-62.8%)
Mutual labels: reconnaissance, bugbounty
Payloads
Payload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (-44.46%)
Mutual labels: bugbounty, payloads
Xxe Injection Payload List
🎯 XML External Entity (XXE) Injection Payload List
Stars: ✭ 304 (-59.89%)
Mutual labels: payloads, bugbounty
Bigbountyrecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (-28.63%)
Mutual labels: reconnaissance, bugbounty
All about bug bounty
These are my bug bounty notes that I have gathered from various sources, you can contribute to this repository too!
List
- Business Logic Errors
- Cross Site Request Forgery (CSRF)
- Cross Site Scripting (XSS)
- Denial of Service (DoS)
- Exposed Source Code
- Host Header Injection
- Insecure Direct Object References (IDOR)
- Web Cache Poisoning
List Bypass
List CMS
List Framework
Miscellaneous
- Account Takeover
- Broken Link Hijacking
- Email Spoofing
- JWT Vulnerabilities
- Mass Assignment
- Password Reset Flaws
- Tabnabbing
- Unauthenticated Jira CVE
Reconnaissance
Coming Soon!
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].