There are 498 repositories under bugbounty topic.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Web path scanner
A list of resources for those interested in getting started in bug bounties
Fast passive subdomain enumeration tool.
Community curated list of templates for the nuclei engine to find security vulnerabilities.
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
A list of interesting payloads, tips and tricks for bug bounty hunters.
All about bug bounty (bypasses, payloads, and etc)
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
Scanning APK file for URIs, endpoints & secrets.
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
🎯 SQL Injection Payload List
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Automated All-in-One OS Command Injection Exploitation Tool.
A recursive internet scanner for hackers.
A curated list of various bug bounty tools
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Top disclosed reports from HackerOne
An OOB interaction gathering server and client library
A collection of custom security tools for quick needs.
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.