Asset inventory of over 800 public bug bounty programs.
-
Updated
May 20, 2024 - Shell
Asset inventory of over 800 public bug bounty programs.
Cyber Security Notes, Methodology, Resources and Tips
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
Find Admin Pages is a simple and efficient Bash script for bug bounty, and security researchers. Its been written to search through source code for potential admin pages.
A rule-driven engine designed for seamless extraction of data from JavaScript files.
OWASP BLT is a bug logging tool to report issues and get points, companies are held accountable.
CloudFlare Checker written in Go
Free version :)
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Python script for Unify all Parameters with all URLs.
Detect Program Bug Bounty
Dump all available paths and/or endpoints on WADL file.
Things to do while Hacking/Hunting in Web Applications
PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of sensitive information in your command history.
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
OSINT tools and more but without API key
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
Collection of methodology and test case for various web vulnerabilities.
Some files for bruteforcing certain things.
Add a description, image, and links to the bugbountytips topic page so that developers can more easily learn about it.
To associate your repository with the bugbountytips topic, visit your repo's landing page and select "manage topics."