A Security Tool for Bug Bounty, Pentest and Red Teaming.
-
Updated
May 23, 2024 - Go
A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
A Security Tool for Bug Bounty, Pentest and Red Teaming.
Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/or bug bounty targets!
Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
Get some useful data from Clouds for your targets
Go tool that detects which email addresses have domains which are able to be registered
Little Bug Bounty & Hacking Tools⚔️
Simplify your life with leak detection in JavaScript. NipeJS streamlines the use of regex, making it effortless to uncover potential leaks.
Multi-threaded DNS resolvers fetch and validation
A command-line interface (CLI) based passive subdomain discovery utility. It is designed to efficiently identify known subdomains of given domains by tapping into a multitude of curated online passive sources.
OSINT tools and more but without API key
A Workflow Engine for Offensive Security
HackerOne target retreival - for fetching HackerOne bug bounty targets via the HackerOne API, and filtering them.
Go HackerOne API client for bug bounty target selection
Yet another tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases.
Distributed network and vulnerability scanner
Parameter Extractor written in golang
A command-line interface (CLI) based passive URLs discovery utility. It is designed to efficiently identify known URLs of given domains by tapping into a multitude of curated online passive sources.
A command-line interface (CLI) based utility to recursively crawl webpages. It is designed to systematically browse webpages' URLs and follow links to discover linked webpages' URLs.
DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it