bug-bounty

There are 167 repositories under bug-bounty topic.

• Hack-with-Github / Awesome-Hacking

  A collection of various awesome lists for hackers, pentesters and security researchers

  androidawesomebug-bountyfuzzinghackingpenetration-testingpentesting-windowsreverse-engineeringsecurity
  77681

• maurosoria / dirsearch

  Web path scanner

  appsecbrutebug-bountybugbountydirsearchenumerationfuzzerfuzzinghackinghacking-toolinfosecpenetration-testingpentest-toolpentestingpythonred-teamingredteamscannersecuritywordlist
  Language:Python 11280

• nahamsec / Resources-for-Beginner-Bug-Bounty-Hunters

  A list of resources for those interested in getting started in bug bounties

  bug-bountybug-bounty-huntersbugbountyeducationhackershackinglearn2hackpentestssrfweb-securityxss
  10166
• rengine

  yogeshojha / rengine

  reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

  bug-bountybugbountyhackinginformation-gatheringinfosecosintpenetration-testingpentestingreconrecon-enginereconnaissancerenginescannerscanner-webscanningsecurity-tools
  Language:Python 6968
• HackTools

  LasCC / HackTools

  The all-in-one browser extension for offensive security professionals 🛠

  reverse-shellhackinghack-toolschrome-extensionfirefox-addonhacktoolspayloadsxss-payloadsweb-pentestershackmsfvenommetasploithackbarcheatsheetpurpleteamredteambug-bountyhackingtools
  Language:TypeScript 5459
• reconftw

  six2dez / reconftw

  reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

  bugbountyhackingreconpentestsubdomainnucleivulnerabilitiesscannerfuzzingosintpenetration-testingpentestingreconnaissancednspentest-toolsecuritysecurity-toolsbug-bounty
  Language:Shell 5251
• osmedeus

  j3ssie / osmedeus

  A Workflow Engine for Offensive Security

  attack-surfaceattack-surface-managementbug-bountybugbountygogolanghackinghacking-toolinformation-gatheringosintpenetration-testingpentest-toolpentestingreconnaissancescanningsecuritysecurity-tools
  Language:Go 5094

• pry0cc / axiom

  The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

  axiombug-bountydnsgendnsxffufgaugowitnesshacking-vpshttprobehttpxmasscanmassdnsmegnmapnucleishufflednssubfindertmux
  Language:Shell 3828

• skerkour / black-hat-rust

  Applied offensive security with Rust - https://kerkour.com/black-hat-rust

  rustsecuritypentestpentestingoffensive-securityred-teamauditbeaconc2bug-bountybug-huntingwasmshellcodesscannerphishingtrojanvirushackinginfosecsecurity-tools
  Language:Rust 3046

• zan8in / afrog

  A Security Tool for Bug Bounty, Pentest and Red Teaming.

  afrogbug-bountypenetration-testingpentestpocred-teamingvulnerability-scannervulnerability-scanning-tools
  Language:Go 2834

• dwisiswant0 / awesome-oneliner-bugbounty

  A collection of awesome one-liner scripts especially for bug bounty tips.

  awesomebashbug-bountybugbountybugbountytipshacktoberfestliner-scriptsone-linersrecon
  2437

• inonshk / 31-days-of-API-Security-Tips

  This challenge is Inon Shkedy's 31 days API Security Tips.

  api-pentestapi-securitybug-bountybugbountybugbountytipsinfosecpentestsecurity
  2062

• tom0li / collection-document

  Collection of quality safety articles. Awesome articles.

  awesomebounty-huntersbug-bountyclouddnsfuzzgithubhackerhackingjavalistpentestredteamresearchsecsecuritysrcwafwebxss
  1976
• sn0int

  kpcyrd / sn0int

  Semi-automatic OSINT framework and package manager

  osintintelligenceosint-frameworkcertificate-transparencyrustsecuritysecurity-auditsecurity-scannerinvestigationreconnaissancereconluapentestinglocationbug-bounty
  Language:Rust 1859

• haccer / subjack

  Subdomain Takeover tool written in Go

  gogolanghostilesubdomaintakeoversubdomain-takeoverbug-bountypentestinginfosecbugbountysecurity
  Language:Go 1849
• SubDomainizer

  nsonaniya2010 / SubDomainizer

  A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

  python3security-toolssecurity-automationsecuritysubdomain-scannersubdomain-enumerations3-bucketfind-subdomainscloud-storage-servicesexternal-javascriptssecretssecretfinderbugbountyfind-secretss3-bucketsbug-bountymadeinindia
  Language:Python 1659

• wagiro / BurpBounty

  Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

  bug-bountybugbountyburp-extensionsburpsuitevulnerability-detectionvulnerability-scanner
  Language:Java 1623

• danieldurnea / FBI-tools

  🕵️ OSINT Tools for gathering information and actions forensics 🕵️

  awesomeawesome-listbug-bountycybersecurityforensicshackingincident-responseinfosecosintpenetration-testingpentestingreconnaissancesecuritysecurity-automationsecurity-tools
  1504

• Cyber-Guy1 / API-SecurityEmpire

  API Security Project aims to present unique attack & defense methods in API Security field

  apiapisecuritybug-bountybugbountybugbountytipscyberseccybersecurityinformation-securityinfosecpenetration-testingtips
  1287
• dumpall

  0xHJK / dumpall

  一款信息泄漏利用工具，适用于.git/.svn/.DS_Store泄漏和目录列出

  dumpallpython3pentestingsecurityhackingtoolsscannerspiderbug-bountygithacksvn
  Language:Python 1254

• xalgord / Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes

  bugbountyresourceshackingowaspowasp-top-10bug-bountybugbountytipsxalgordcollectionethical-hacking
  1185
• metabigor

  j3ssie / metabigor

  OSINT tools and more but without API key

  osintsecuritypentestinginfosecbugbountyip-osintip-rangeasnreconnaissancesubdomainsecurity-toolsbugbounty-toolsbugbountytipssubdomainsbug-bountyrecon
  Language:Go 1143

• trickest / inventory

  Asset inventory of over 800 public bug bounty programs.

  securitybugbountybugbountytipsinfosecreconnaissancereconpentestinghackingsecurity-toolsred-teampenetration-testingsoftware-securitypentest-toolosintosint-toolosint-resourcesthreat-intelligencebug-bountyfuzzing
  Language:Shell 1121

• Uniswap / v3-periphery

  🦄 🦄 🦄 Peripheral smart contracts for interacting with Uniswap v3

  automated-market-makerbug-bountyethereumperipherysmart-contractsuniswap
  Language:TypeScript 1112

• 0xPugal / One-Liners

  A collection of awesome one-liners for bug bounty hunting.

  bug-bountybugbountyenumerationonliner-scriptssubdomain-enumeration
  1087

• payloadbox / xxe-injection-payload-list

  🎯 XML External Entity (XXE) Injection Payload List

  xxexxe-injectionxxe-payloadsxxe-examplexmlwebsecuritywebsecurity-referenceinfosecbugbountybug-bountyweb-application-securitycybersecuritycyber-securityinformation-securityxml-entitypayloadxxe-payloadxxe-payload-listpayloadshacking
  1019

• yassineaboukir / sublert

  Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

  reconnaissancesublertpenetration-testingpentestsecuritycertificate-transparencybug-bountypythonmonitoring-toolcertificate-transparency-logshackinginformation-gathering
  Language:Python 979
• diodb

  disclose / diodb

  Open-source vulnerability disclosure and bug bounty program database

  security-researchsafe-harbor-frameworkresponsible-disclosurevulnerability-disclosuredisclosure-policysimplicitylegalsafetybug-bountyhackersbug-bounty-huntersdata
  Language:Python 955

• taielab / awesome-hacking-lists

  平常看到好的渗透hacking工具和多领域效率工具的集合

  webhackingawesome-listhackerhacking-toolkali-scriptshacking-toolspentesting-toolspentest-scriptsbounty-huntersbug-bountybugbountybugbounty-tool
  945

• nikitastupin / clairvoyance

  Obtain GraphQL API schema even if the introspection is disabled

  bug-bountygraphqlpenetration-testingsecurity
  Language:Python 911

• Ice3man543 / SubOver

  A Powerful Subdomain Takeover Tool

  subdomain-takeoversubdomainsubdomainsbug-bountybugbountytakeover-subdomainhostilehostile-subdomain-takeovertakeoverpentesting
  Language:Go 904

• ehrishirajsharma / SwiftnessX

  A cross-platform note-taking & target-tracking app for penetration testers.

  bug-bountychecklistelectronjspenetration-testingsecurity-tools
  Language:JavaScript 878

• alexbieber / Bug_Bounty_writeups

  BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔

  bugbug-bountybug-bounty-huntersbug-bounty-huntingbug-bounty-reconbugbountybugcrowdfacebookgooglehackeronebug-bounty-pocbug-pocintegritialexbieber
  Language:Python 805

• bl4de / security-tools

  My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.

  bug-bountiesbug-bountybugbountyctfctf-toolshackinginfosecitsecuritypentestingpythonscannersecurity-testingsecurity-toolsstatic-analysiswebappsec
  Language:Python 762

• h4r5h1t / webcopilot

  An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.

  bug-bountybugbountyenumerationreconreconnaissance
  Language:Shell 757
• offensive-docker

  aaaguirrep / offensive-docker

  Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

  bug-bountybugbountyctf-toolshackinghacking-toolshtbpentestpentestingpentesting-tools
  Language:Dockerfile 717