304 Open source projects that are alternatives of or similar to Taie Bugbounty Killer

🎯 Server Side Template Injection Payloads

A fast HTTP Response status checker implemented in Python3

Automating XSS using Bash

Security Tool to Look For Interesting Files in S3 Buckets

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.

DNS-Discovery is a multithreaded subdomain bruteforcer.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

Collection of Facebook Bug Bounty Writeups

Dump exposed HTTP .git fast

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Urls de-duplication tool for better recon.

A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

Mining parameters from dark corners of Web Archives

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Secret and/ credential patterns used for gf.

Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

Scan for open AWS S3 buckets and dump the contents

Web path scanner

Default signature for Jaeles Scanner

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

Penetration tests guide based on OWASP including test cases, resources and examples.

Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

A big list of Android Hackerone disclosed reports and other resources.

A Python3 based single-file subdomain enumerator

Making Favicon.ico based Recon Great again !

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Random Tools for Bug Bounty

This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Subdomain Takeover tool written in Go

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Python library and CLI for the Bug Bounty Recon API

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Find exploits in local and online databases instantly

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

Cross-site scripting labs for web application security enthusiasts

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

The format of various s3 buckets is convert in one format. for bugbounty and security testing.

OneForAll是一款功能强大的子域收集工具

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

RFD Checker - security CLI tool to test Reflected File Download issues

Tool for catching and logging different types of requests.

Change monitoring app that checks the content of web pages in different periods.

Poor (rich?) man's bug bounty pipeline

Scanning APK file for URIs, endpoints & secrets.

Your Google Recon is Now Automated

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.