ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-35.42%)
Mutual labels: penetration-testing, bugbounty
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+68.75%)
Mutual labels: penetration-testing, bugbounty
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+1270.83%)
Mutual labels: penetration-testing, bugbounty
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+698.96%)
Mutual labels: penetration-testing, bugbounty
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (+94.79%)
Mutual labels: penetration-testing, bugbounty
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+964.58%)
Mutual labels: penetration-testing, bugbounty
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (+45.83%)
Mutual labels: penetration-testing, bugbounty
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+344.79%)
Mutual labels: penetration-testing, bugbounty
GarudAn automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Stars: ✭ 183 (+90.63%)
Mutual labels: penetration-testing, bugbounty
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+89.58%)
Mutual labels: penetration-testing, bugbounty
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+691.67%)
Mutual labels: penetration-testing, bugbounty
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (+97.92%)
Mutual labels: penetration-testing, bugbounty
DirsearchWeb path scanner
Stars: ✭ 7,246 (+7447.92%)
Mutual labels: penetration-testing, bugbounty
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (+963.54%)
Mutual labels: penetration-testing, bugbounty
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+34180.21%)
Mutual labels: penetration-testing, bugbounty
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1908.33%)
Mutual labels: penetration-testing, bugbounty
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+3432.29%)
Mutual labels: penetration-testing, bugbounty
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (+209.38%)
Mutual labels: penetration-testing, bugbounty
Awesome Vulnerable AppsAwesome Vulnerable Applications
Stars: ✭ 180 (+87.5%)
Mutual labels: penetration-testing, bugbounty
3klconAutomation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.
Stars: ✭ 189 (+96.88%)
Mutual labels: penetration-testing, bugbounty