There are 7 repositories under bughunting topic.
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Making Favicon.ico based Recon Great again !
BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.
A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
ANTLR v4 grammar-based test generator
Here I gather all the resources about hacking that I find interesting
Tools of "The Bug Hunters Methodology V2 by @jhaddix"
Fuzzinator Random Testing Framework
Tools for BugHunting
Hunt down the secrets from the WebArchives for Fun and Profit
Docker Remote API Scanner and Exploit
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
R3C0Nizer is the first ever CLI based menu-driven web application B-Tier recon framework.
Hacking tools
Weaponizing Live CT logs for automated monitoring of assets
Java bytecode analyzer customizable via JSON rules
Describe how to use ffuf different options with examples
Chart-Of-Wordlist helps to create your own custom wordlist. Also in one repository, you can find a list of awesome wordlist.
SQL Injection / SQL инъекциа - Hacking and bypass
Hackliner: Cybersec/Bughunting Oneliners
هذا المستودع هي محاولة منا لاثراء المحتوي العربي بخصوص البج بونتي ومايحتويه من انواع ثغرات الي تقنيات مختلفة الي مصادر متعددة
subfalcon is a subdomain enumeration tool that allows you to discover and monitor subdomains for a given list of domains. It fetches subdomains from various sources [crtsh, hackertargetapi, anubis, alienvault, rappiddns, urlscan ] , saves them to a SQLite database, and can notify updates via Discord.
I provide educational resources in this repository for starting bug hunting from scratch. The content will be updated over time! Also, I would be happy if you introduce new resources to be added
The official OWASP BLT App repository/ Heist 'em bugs!
Extract parameters/paths from urls
this is an guide for people aspiring to enter the world of cybersecurity
"zwatcher is a lightweight bash script for monitoring sub/domains or a list of sub/domains and javascript files. It compares HTTP status codes and content length to detect changes and notifies the user when any modifications occur. Easily keep track of your domains' health and security with zwatcher."