Asset inventory of over 800 public bug bounty programs.

Cyber Security Notes, Methodology, Resources and Tips

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

Find Admin Pages is a simple and efficient Bash script for bug bounty, and security researchers. Its been written to search through source code for potential admin pages.

A rule-driven engine designed for seamless extraction of data from JavaScript files.

OWASP BLT is a bug logging tool to report issues and get points, companies are held accountable.

CloudFlare Checker written in Go

Free version :)

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Python script for Unify all Parameters with all URLs.

Detect Program Bug Bounty

http://10degres.net

Dump all available paths and/or endpoints on WADL file.

Things to do while Hacking/Hunting in Web Applications

PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of sensitive information in your command history.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

OSINT tools and more but without API key

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

Collection of methodology and test case for various web vulnerabilities.

Some files for bruteforcing certain things.