bug-bounty

There are 178 repositories under bug-bounty topic.

• Hack-with-Github / Awesome-Hacking

  A collection of various awesome lists for hackers, pentesters and security researchers

  androidawesomebug-bountyfuzzinghackingpenetration-testingpentesting-windowsreverse-engineeringsecurity
  80523

• maurosoria / dirsearch

  Web path scanner

  fuzzerfuzzingpythonsecuritydirsearchhackingpentestingpenetration-testingbug-bountyappsecwordlisthacking-toolinfosecbrutescannerbugbountyenumerationpentest-toolred-teamingredteam
  Language:Python 11618

• nahamsec / Resources-for-Beginner-Bug-Bounty-Hunters

  A list of resources for those interested in getting started in bug bounties

  bug-bounty-huntershackersxssbug-bountylearn2hackhackingpentestweb-securityeducationssrfbugbounty
  10399
• rengine

  yogeshojha / rengine

  reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

  security-toolsosintreconrecon-enginereconnaissancescannerscanner-webrengineinformation-gatheringbugbountyhackingscanningpentestingbug-bountyinfosecpenetration-testing
  Language:HTML 7224
• HackTools

  LasCC / HackTools

  The all-in-one browser extension for offensive security professionals 🛠

  reverse-shellhackinghack-toolschrome-extensionfirefox-addonhacktoolspayloadsxss-payloadsweb-pentestershackmsfvenommetasploithackbarcheatsheetpurpleteamredteambug-bountyhackingtools
  Language:TypeScript 5620
• reconftw

  six2dez / reconftw

  reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

  bugbountyhackingreconpentestsubdomainnucleivulnerabilitiesscannerfuzzingosintpenetration-testingpentestingreconnaissancednspentest-toolsecuritysecurity-toolsbug-bounty
  Language:Shell 5476
• osmedeus

  j3ssie / osmedeus

  A Workflow Engine for Offensive Security

  scanningreconnaissancepenetration-testingsecurity-toolspentest-toolhacking-toolinformation-gatheringhackingosintbugbountypentestinggolangsecuritygobug-bountyattack-surfaceattack-surface-management
  Language:Go 5191

• pry0cc / axiom

  The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

  hacking-vpsbug-bountytmuxaxiommasscangowitnessmassdnsffufgaudnsxshufflednsnucleisubfindernmaphttpxhttprobednsgenmeg
  Language:Shell 3929

• zan8in / afrog

  A Security Tool for Bug Bounty, Pentest and Red Teaming.

  vulnerability-scannerpocpenetration-testingafrogvulnerability-scanning-toolsbug-bountypentestred-teaming
  Language:Go 3218

• skerkour / black-hat-rust

  Applied offensive security with Rust - https://kerkour.com/black-hat-rust

  rustsecuritypentestpentestingoffensive-securityred-teamauditbeaconc2bug-bountybug-huntingwasmshellcodesscannerphishingtrojanvirushackinginfosecsecurity-tools
  Language:Rust 3108

• dwisiswant0 / awesome-oneliner-bugbounty

  A collection of awesome one-liner scripts especially for bug bounty tips.

  bugbountybugbountytipsbashone-linersawesomebug-bountyliner-scriptsreconhacktoberfest
  2503

• inonshk / 31-days-of-API-Security-Tips

  This challenge is Inon Shkedy's 31 days API Security Tips.

  pentestapi-pentestbug-bountyapi-securitysecuritybugbountytipsbugbountyinfosec
  2075

• tom0li / collection-document

  Collection of quality safety articles. Awesome articles.

  dnspentestlistsecuritysechackingsrcbug-bountyfuzzxssresearchgithubwafjavahackerredteambounty-hunterswebcloudawesome
  2001
• sn0int

  kpcyrd / sn0int

  Semi-automatic OSINT framework and package manager

  osintintelligenceosint-frameworkcertificate-transparencyrustsecuritysecurity-auditsecurity-scannerinvestigationreconnaissancereconluapentestinglocationbug-bounty
  Language:Rust 1933

• haccer / subjack

  Subdomain Takeover tool written in Go

  gogolanghostilesubdomaintakeoversubdomain-takeoverbug-bountypentestinginfosecbugbountysecurity
  Language:Go 1876
• SubDomainizer

  nsonaniya2010 / SubDomainizer

  A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

  python3security-toolssecurity-automationsecuritysubdomain-scannersubdomain-enumerations3-bucketfind-subdomainscloud-storage-servicesexternal-javascriptssecretssecretfinderbugbountyfind-secretss3-bucketsbug-bountymadeinindia
  Language:Python 1684

• wagiro / BurpBounty

  Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

  bugbountyburp-extensionsburpsuitebug-bountyvulnerability-scannervulnerability-detection
  Language:Java 1643

• danieldurnea / FBI-tools

  🕵️ OSINT Tools for gathering information and actions forensics 🕵️

  forensicsosintcybersecurityhackingsecurity-automationsecurity-toolsinfosecawesome-listincident-responsepenetration-testingreconnaissancesecurityawesomepentestingbug-bounty
  1583

• Cyber-Guy1 / API-SecurityEmpire

  API Security Project aims to present unique attack & defense methods in API Security field

  cybersecuritypenetration-testingapisecurityinformation-securitybugbountyapibug-bountyinfoseccybersectipsbugbountytips
  1311
• dumpall

  0xHJK / dumpall

  一款信息泄漏利用工具，适用于.git/.svn/.DS_Store泄漏和目录列出

  dumpallpython3pentestingsecurityhackingtoolsscannerspiderbug-bountygithacksvn
  Language:Python 1293

• xalgord / Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes

  bugbountyresourceshackingowaspowasp-top-10bug-bountybugbountytipsxalgordcollectionethical-hacking
  1223
• metabigor

  j3ssie / metabigor

  OSINT tools and more but without API key

  osintsecuritypentestinginfosecbugbountyip-osintip-rangeasnreconnaissancesubdomainsecurity-toolsbugbounty-toolsbugbountytipssubdomainsbug-bountyrecon
  Language:Go 1185

• trickest / inventory

  Asset inventory of over 800 public bug bounty programs.

  securitybugbountybugbountytipsinfosecreconnaissancereconpentestinghackingsecurity-toolsred-teampenetration-testingsoftware-securitypentest-toolosintosint-toolosint-resourcesthreat-intelligencebug-bountyfuzzing
  Language:Shell 1180

• Uniswap / v3-periphery

  🦄 🦄 🦄 Peripheral smart contracts for interacting with Uniswap v3

  ethereumsmart-contractsautomated-market-makerperipheryuniswapbug-bounty
  Language:TypeScript 1145

• 0xPugal / One-Liners

  A collection of one-liners for bug bounty hunting.

  bugbountyonliner-scriptssubdomain-enumerationbug-bountyenumeration
  1126

• payloadbox / xxe-injection-payload-list

  🎯 XML External Entity (XXE) Injection Payload List

  xxexxe-injectionxxe-payloadsxxe-examplexmlwebsecuritywebsecurity-referenceinfosecbugbountybug-bountyweb-application-securitycybersecuritycyber-securityinformation-securityxml-entitypayloadxxe-payloadxxe-payload-listpayloadshacking
  1045

• h4r5h1t / webcopilot

  An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.

  bug-bountybugbountyenumerationreconreconnaissance
  Language:Shell 1002

• yassineaboukir / sublert

  Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

  reconnaissancesublertpenetration-testingpentestsecuritycertificate-transparencybug-bountypythonmonitoring-toolcertificate-transparency-logshackinginformation-gathering
  Language:Python 982

• taielab / awesome-hacking-lists

  平常看到好的渗透hacking工具和多领域效率工具的集合

  webhackingawesome-listhackerhacking-toolkali-scriptshacking-toolspentesting-toolspentest-scriptsbounty-huntersbug-bountybugbountybugbounty-tool
  970

• nikitastupin / clairvoyance

  Obtain GraphQL API schema even if the introspection is disabled

  graphqlsecuritypenetration-testingbug-bounty
  Language:Python 965
• diodb

  disclose / diodb

  Open-source vulnerability disclosure and bug bounty program database

  security-researchsafe-harbor-frameworkresponsible-disclosurevulnerability-disclosuredisclosure-policysimplicitylegalsafetybug-bountyhackersbug-bounty-huntersdata
  Language:Python 962

• Ice3man543 / SubOver

  A Powerful Subdomain Takeover Tool

  subdomain-takeoversubdomainsubdomainsbug-bountybugbountytakeover-subdomainhostilehostile-subdomain-takeovertakeoverpentesting
  Language:Go 917

• ehrishirajsharma / SwiftnessX

  A cross-platform note-taking & target-tracking app for penetration testers.

  electronjssecurity-toolspenetration-testingbug-bountychecklist
  Language:JavaScript 882

• alexbieber / Bug_Bounty_writeups

  BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔

  bugbug-bountybug-bounty-huntersbug-bounty-huntingbug-bounty-reconbugbountybugcrowdfacebookgooglehackeronebug-bounty-pocbug-pocintegritialexbieber
  Language:Python 814

• bl4de / security-tools

  My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.

  pentestinghackingpythonbugbountyitsecurityctfctf-toolsinfosecwebappsecscannersecurity-toolssecurity-testingbug-bountybug-bountiesstatic-analysis
  Language:Python 772
• DataSurgeon

  Drew-Alleman / DataSurgeon

  Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Security Numbers and a lot More From Text

  cybersecurityincident-responserustsearchsecurity-toolsbug-bountyemailhackingip-addresspentestingreconreconnaissancerust-langfile-searchregexctf-toolssearch-toolsinfosecosintwindows
  Language:Rust 724