List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.
-
Updated
May 27, 2024 - PHP
A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Twitter vulnerable snippets
This is my personal repo including bug bounty tips, tools collections, one lines I personally prefer while hunting, and so on. It is under development, so feel free to contribute.
This project is a vulnerable web application to practice on. It is designed for educational purposes to help security enthusiasts and developers understand and mitigate common web vulnerabilities.
♾️ Bruteforce Scanner [v1-API] By AGC007™ -- PHP
Custom wordlist, updated regularly
Lotus XSS
Payload Arsenal for Pentration Tester and Bug Bounty Hunters
Find AWS S3 buckets and test their permissions.
Extract endpoints from source files.
Materi memulai penetration testing dari nol berbahasa Indonesia.
Alternative to XSS Hunter for blind XSS.
Webapp to perform regexp search over GitHub search.
A PHP tool to brute force vhost configured on a server.
Test domain expiration dates.
PHP tool that takes screenshots of a given ips/ports combo list and then try to guess the service.
Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.