An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
-
Updated
Jul 4, 2023 - Shell
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Automation for javascript recon in bug bounty.
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
R3C0Nizer is the first ever CLI based menu-driven web application B-Tier recon framework.
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Random Tools for Bug Bounty
Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
Nucleimonst3r is a powerful vulnerability scanner that can help Bug Bounty Hunters find low hanging fruit vulnerabilities for known CVEs and exploits but also gather all the technology running behind them for further investigation for a potential target.
API Key/Token Exploitation Made easy.
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
Enumerate Subdomains Through Google Dorks
It grep subdomains, email/username, build custom wordlist etc from gau results
TerminatorZ is a highly sophisticated and efficient web security tool that scans for top potential vulnerabilities with known CVEs in your web applications.
Running nuclei Continuously
A small and an efficient tool to find SQL injection vulnerability in a websites.
Bash script to automate Bug Bounty Reconnaissance
XSS Finder Via SSTI
Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
RobinHood - Bug Hunting Recon Automation Script
Add a description, image, and links to the bugbounty-tool topic page so that developers can more easily learn about it.
To associate your repository with the bugbounty-tool topic, visit your repo's landing page and select "manage topics."