380 Open source projects that are alternatives of or similar to swiss-bugbounty-programs

Gospider - Fast web spider written in Go

Hawkeye filesystem analysis tool

Host Header Injection Checker

All about bug bounty (bypasses, payloads, and etc)

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

A simple python script which can check HTTP status of branch of URLs/Subdomains and grab URLs/Subdomain title

A swiss real estate transaction standard

Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

Multi Tool Subdomain Enumeration

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

Do some quick reconnaissance on a domain-based web-application

A big list of Android Hackerone disclosed reports and other resources.

Making Favicon.ico based Recon Great again !

Collection grep patterns for Tom Hudson a.k.a Tomnomnom tools namely gf

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A permutation generation tool written in golang

This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection

commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. Please use it instead: https://github.com/assetnote/wordlists

Top disclosed reports from HackerOne

Intelligence tool but without API key

Open-source vulnerability disclosure policy templates.

A web crawler (for bug hunting) that gathers more than you can imagine.

A Colab For Bug Hunting!

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

BugBounty Tool

OneForAll是一款功能强大的子域收集工具

Collection of quality safety articles. Awesome articles.

OSINT

goverview - Get an overview of the list of URLs

Hetty is an HTTP toolkit for security research.

List of considerations for commerce site auditing and security teams. This is summary of action points and areas that need to be built into the Techinical Specific Document, or will be checked in the Security testing phases.

Simultaneously execute various subdomain enumeration tools and aggregate results.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

A python script designed to check if the website if vulnerable of clickjacking and create a poc

Subdomain takeover vulnerability checker

A list of companies of possible interest for mathematicians (or related) that are looking for a job in quantitative finance in Zurich.

An automated approach to performing recon for bug bounty hunting and penetration testing.

Simple Server Side Request Forgery services enumeration tool.

No description or website provided.

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

Toolset for detecting reflected xss in websites

Automated NoSQL database enumeration and web application exploitation tool.

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

Swiftly search FDNS datasets from Rapid7 Open Data

Automated All-in-One OS Command Injection Exploitation Tool.

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

Extract server and IP address information from Browser SSRF

Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

A list of resources for those interested in getting started in bug bounties

🦄🔒 Awesome list of secrets in environment variables 🖥️

SQL Injection Payload List

SecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.

Script for Bug Bounty

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

My personal bug bounty toolkit.

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight