304 Open source projects that are alternatives of or similar to Taie Bugbounty Killer

Web Application recon automation

Scans a list of websites for Cloudfront or S3 Buckets

Automated NoSQL database enumeration and web application exploitation tool.

A tool to check a bunch of URLs that contain reflecting params.

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

A Colab For Bug Hunting!

A curated list of various bug bounty tools

CVE-2017-9506 - SSRF

Given a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.

A note-taking macOS app for penetration-testers.

The unofficial HackerOne disclosure Timeline

Extract API keys from file or url using by magic of python and regex.

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

🔺 Red Team Hardware Toolkit 🔺

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

Hacking tools

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

Command line tool for testing CRLF injection on a list of domains.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Repositório com conteúdo sobre web hacking em português

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.

Cross Origin Resource Sharing MisConfiguration Scanner

RFD Checker - security CLI tool to test Reflected File Download issues

🎯 Server Side Template Injection Payloads

Automating XSS using Bash

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

DNS-Discovery is a multithreaded subdomain bruteforcer.

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

Collection of Facebook Bug Bounty Writeups

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

Urls de-duplication tool for better recon.

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Secret and/ credential patterns used for gf.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

Scan for open AWS S3 buckets and dump the contents

Default signature for Jaeles Scanner

Penetration tests guide based on OWASP including test cases, resources and examples.

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

A Python3 based single-file subdomain enumerator

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

Random Tools for Bug Bounty

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Subdomain Takeover tool written in Go

Python library and CLI for the Bug Bounty Recon API

Find exploits in local and online databases instantly

Cross-site scripting labs for web application security enthusiasts

The format of various s3 buckets is convert in one format. for bugbounty and security testing.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Tool for catching and logging different types of requests.

Change monitoring app that checks the content of web pages in different periods.

Poor (rich?) man's bug bounty pipeline

Scanning APK file for URIs, endpoints & secrets.

Your Google Recon is Now Automated