danilabs / Tools Tbhm
Tools of "The Bug Hunters Methodology V2 by @jhaddix"
Stars: ✭ 171
Programming Languages
shell
77523 projects
Projects that are alternatives of or similar to Tools Tbhm
Resources
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-63.74%)
Mutual labels: security-tools, bugbounty
Minesweeper
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-5.26%)
Mutual labels: security-tools, bugbounty
Gitgraber
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+580.7%)
Mutual labels: security-tools, bugbounty
Subdomainizer
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Stars: ✭ 915 (+435.09%)
Mutual labels: security-tools, bugbounty
Swiftness
A note-taking macOS app for penetration-testers.
Stars: ✭ 124 (-27.49%)
Mutual labels: security-tools, bugbounty
Jaeles
The Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+527.49%)
Mutual labels: security-tools, bugbounty
Arl
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+693.57%)
Mutual labels: security-tools, bugbounty
Stacoan
StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (+313.45%)
Mutual labels: security-tools, bugbounty
Dns Discovery
DNS-Discovery is a multithreaded subdomain bruteforcer.
Stars: ✭ 114 (-33.33%)
Mutual labels: security-tools, bugbounty
Bulwark
An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-33.92%)
Mutual labels: security-tools, bugbounty
Vhostscan
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+348.54%)
Mutual labels: security-tools, bugbounty
Nosqlmap
Automated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1027.49%)
Mutual labels: security-tools, bugbounty
Interlace
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+344.44%)
Mutual labels: security-tools, bugbounty
Rescope
Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-8.77%)
Mutual labels: security-tools, bugbounty
Bypass Firewalls By Dns History
Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
Stars: ✭ 739 (+332.16%)
Mutual labels: security-tools, bugbounty
Awesome Bugbounty Tools
A curated list of various bug bounty tools
Stars: ✭ 96 (-43.86%)
Mutual labels: security-tools, bugbounty
Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+149.71%)
Mutual labels: security-tools, bugbounty
Security Tools
Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+197.66%)
Mutual labels: security-tools, bugbounty
Deksterecon
Web Application recon automation
Stars: ✭ 109 (-36.26%)
Mutual labels: security-tools, bugbounty
Awesome Mobile Security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+974.27%)
Mutual labels: security-tools, bugbounty
Tools of The Bug Hunters Methodology V2
NOTE: The following list has been created based on the PPT "The Bug Hunters Methodology V2 by @jhaddix"
Discovery
- Sublist3r (Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT).
- Brutesubs (An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker Compose).
- Cloudflare_enum (Cloudflare DNS Enumeration Tool for Pentesters).
- Censys.py (Quick and Dirty script to use the Censys API to query subdomains of a target domain).
- massdns (A high-performance DNS stub resolver).
- ListSubs.txt (A list with a lot of subs).
- EyeWitness (EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible).
- GoBuster (Directory/file & DNS busting tool written in Go).
- RobotsDisallowed (The RobotsDisallowed project is a harvest of the Disallowed directories from the robots.txt).
- Parameth (This tool can be used to brute discover GET and POST parameters).
Web Content
- GroundControl (A collection of scripts that run on my web server).
- Sleepy-Puppy (Sleepy Puppy XSS Payload Management Framework).
- XSSHunter (The XSS Hunter service - a portable version of XSSHunter.com).
- TPLMap (Code and Server-Side Template Injection Detection and Exploitation Tool).
- PsychoPATH (Hunting file uploads & LFI in the dark).
- Commix (Automated All-in-One OS command injection and exploitation tool)
Miscellaneous
- AutoSubTakeover (A tool used to check if a CNAME resolves to the scope adress).
- HostileSubBruteforcer (This app will bruteforce for exisiting subdomains)
- Tko-Subs (A tool that can help detect and takeover subdomains with dead DNS records).
- SandCastle (Python script for AWS S3 bucket enumeration).
- GitRob (Reconnaissance tool for GitHub organizations).
- TruffleHog (Searches through git repositories for high entropy strings, digging deep into commit history)
Plugins BurpSuite
- VulnersCom: https://github.com/vulnersCom/burp-vulners-scanner
- BackSlash-powered-scanner: https://github.com/PortSwigger/backslash-powered-scanner
- Header Checks: https://github.com/eonlight/BurpExtenderHeaderChecks
- pyschPATH: https://github.com/ewilded/psychopath
- HUNT Burp Suite Extension: https://github.com/bugcrowd/HUNT
Credits
- GitHub Jhaddix https://github.com/jhaddix/tbhm
- Bug Bounty Forum https://bugbountyforum.com/tools/
- "The Bug Hunter Methodology V2 by @jhaddix" https://docs.google.com/presentation/d/1p8QiqbGndcEx1gm4_d3ne2fqeTqCTurTC77Lxe82zLY
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].