Rasel Mir's repositories
Bug-Bounty-Roadmaps
Bug Bounty Roadmaps
SQLiDetector
Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases.
dirsearch_bypass403
目录扫描+JS文件中提取URL和子域+403状态绕过+指纹识别
testrasel
For test
katana
A next-generation crawling and spidering framework.
inventory
Asset inventory on public bug bounty programs.
sourcemapper
Extract JavaScript source trees from Sourcemap files
cariddi
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
dsieve
Filter and enrich a list of subdomains by level
crawlergo
A powerful browser crawler for web vulnerability scanners
waymore
Find way more from the Wayback Machine!
xray
XRay is a tool for recon, mapping and OSINT gathering from public networks.
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
FireBaseScanner
The scripts helps security analsts to identify misconfigured firebase instances.
kxss
This a adaption of tomnomnom's kxss tool with a different output format
GooFuzz
GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).
bypass-url-parser
bypass-url-parser
ipcdn
Check which CDN providers an IP list belongs to
apkleaks
Scanning APK file for URIs, endpoints & secrets.
GitTools
A repository with 3 tools for pwn'ing websites with .git repositories available
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
awesome-oneliner-bugbounty
A collection of awesome one-liner scripts especially for bug bounty tips.