ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-51.18%)
Mutual labels: penetration-testing, methodology, bugbounty
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+25812.6%)
Mutual labels: penetration-testing, methodology, bugbounty
GarudAn automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Stars: ✭ 183 (+44.09%)
Mutual labels: penetration-testing, bugbounty
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (+47.24%)
Mutual labels: penetration-testing, bugbounty
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+2949.61%)
Mutual labels: penetration-testing, bugbounty
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+27.56%)
Mutual labels: penetration-testing, bugbounty
Awesome Vulnerable AppsAwesome Vulnerable Applications
Stars: ✭ 180 (+41.73%)
Mutual labels: penetration-testing, bugbounty
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (+49.61%)
Mutual labels: penetration-testing, bugbounty
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+936.22%)
Mutual labels: penetration-testing, bugbounty
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+11.81%)
Mutual labels: penetration-testing, bugbounty
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+131.5%)
Mutual labels: penetration-testing, bugbounty
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (-64.57%)
Mutual labels: penetration-testing, bugbounty
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (+10.24%)
Mutual labels: penetration-testing, bugbounty
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1418.11%)
Mutual labels: penetration-testing, bugbounty
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+43.31%)
Mutual labels: penetration-testing, bugbounty
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-17.32%)
Mutual labels: penetration-testing, methodology
3klconAutomation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.
Stars: ✭ 189 (+48.82%)
Mutual labels: penetration-testing, bugbounty
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (+703.94%)
Mutual labels: penetration-testing, bugbounty
boxerBoxer: A fast directory bruteforce tool written in Python with concurrency.
Stars: ✭ 15 (-88.19%)
Mutual labels: penetration-testing, bugbounty
crtfinderFast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques
Stars: ✭ 96 (-24.41%)
Mutual labels: penetration-testing, bugbounty