There are 51 repositories under bugbountytips topic.
All about bug bounty (bypasses, payloads, and etc)
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
A collection of custom security tools for quick needs.
A collection of awesome one-liner scripts especially for bug bounty tips.
This challenge is Inon Shkedy's 31 days API Security Tips.
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
Tips and Tutorials for Bug Bounty and also Penetration Tests.
API Security Project aims to present unique attack & defense methods in API Security field
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Some files for bruteforcing certain things.
A collection of PDF/books about the modern web application security and bug bounty.
"Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones
A fast DOM based XSS vulnerability scanner with simplicity.
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
🎯 Server Side Template Injection Payloads
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
These are my checklists which I use during my hunting.
挖掘国内外漏洞平台必备的自动化捡钱赏金技巧,看了并去做了捡钱如喝水。
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
🚀 A DNS automated scanner and tool 🖱️ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).
BugBounty_CheatSheet
This repository is about @AnubhavSingh_'s 365 days of Learning Tweets collection.
CloudFlare Checker written in Go