Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
-
Updated
May 26, 2024 - Shell
A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
Hastly written Tools & Scripts for Personal Use Cases & Bug Bounties
My useful files for penetration tests, security assessments, bug bounty and other security related stuff
Asset inventory of over 800 public bug bounty programs.
🔨 List all IP ranges from: Google (Cloud & GoogleBot), Bing (Bingbot), Amazon (AWS), Microsoft, Oracle (Cloud), GitHub, Facebook (Meta), OpenAI (GPTBot) and other with daily updates.
Repeatable, immutable, and scalable security research w/ Docker
Resources, repos and scripts for pentesters and bug bounty.
Mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations
Find Admin Pages is a simple and efficient Bash script for bug bounty, and security researchers. Its been written to search through source code for potential admin pages.
CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, making it a valuable asset for bug bounty hunters and penetration testers.
My subdomain enumeration script. It's unique in the way it is built upon.
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Find Email Spoofing Vulnerablity of domains
A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
Nothing much, just some scripts to help me out with bug bounty. not exactly bug hunting scripts tho.
💥 This tool is intended for bounty hunters, the script installs and launches the best set of tools for expanding the attack surface, for Web Sites, portals, and Organizations.
A highly customised CTF, bounty hunting & penetration testing environment based on the official kali-rolling docker image