Stars
A Recon Tool for Bug Bounty Hunters and Security Researchers
🔩 jwt-hack is a tool for hacking / security testing of JWT. Supports en/decoding JWT, generating payloads for JWT attacks, and very fast cracking (dict/bruteforce)
My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.
StaCoAn is a cross-platform tool which aids developers, bug bounty hunters and ethical hackers performing static code analysis on mobile applications.
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.
Payload Arsenal for Penetration Testers and Bug Bounty Hunters
🦄🔒 Awesome list of secrets in environment variables 🖥️
Automation for JavaScript recon in bug bounty.
The EXCLUSIVE Collection of 40,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.
A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs, etc. It could be used as a part of web content discovery, to …
Useful Google Dorks for WebSecurity and Bug Bounty
A collection of PDF/books about the modern web application security and bug bounty.
PwnFox is a Firefox/Burp extension that provides useful tools for your security audit.
Community curated list of public bug bounty and responsible disclosure programs.
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
🎯 XML External Entity (XXE) Injection Payload List
HostHunter a recon tool for discovering hostnames using OSINT techniques.
vAPI is Vulnerable Adversely Programmed Interface, which is a self-hostable API that mimics OWASP API Top 10 scenarios through exercises.
A repository that includes all the important wordlists used while bug hunting.
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Asset inventory of over 800 public bug bounty programs.
A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.