Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...
-
Updated
Apr 16, 2024 - HTML
A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
OWASP BLT is a bug logging tool to report issues and get points, companies are held accountable.
These are my checklists which I use during my hunting.
A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337
🐱💻 👍 Google Chrome - File System Access API - vulnerabilities reported by Maciej Pulikowski | Total Bug Bounty Reward: $5.000 | CVE-2021-21123 and 5 more...
A vast collection of security tools and resources curated by the community.
Small Vulnerable Web App
Create a VPS on Digital Ocean easily with the mainRecon included to launch the recon workflow.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
My Notes & Resources Of Bug Bounty Checklists
All in one web Recon app
هذا المستودع هي محاولة منا لاثراء المحتوي العربي بخصوص البج بونتي ومايحتويه من انواع ثغرات الي تقنيات مختلفة الي مصادر متعددة
Cool resources and content for bug bounty hunting.
The First Open Source Bug Bounty Platform
This repository discusses the subdomain takeover vulnerability and lists of services which are vulnerable to it. It also provides information, methodology and resources to perform subdomain takeover attacks.