Extract endpoints from specific Git repository for fuzzing
-
Updated
Nov 3, 2020 - Python
Extract endpoints from specific Git repository for fuzzing
DNS hijacking via dead records automation tool
grapX will iterate through the URLs and grep the endpoints with all possible extensions.
Python library and CLI for the Bug Bounty Recon API
Rapidly enumerate subdomains and domains using rapiddns.io.
All In One, Fast, Easy Recon Tool
Find sensitive information using dorks from different search-engines.
Simple app to gather all #bugbountytips from Twitter and Telegram.
A small tool to help developers understand a huge set of security requirements from appsec teams
CVE-2022-40297 - Proof of Concept: Privilege escalation in Ubuntu Touch 16.04 - by PIN Bruteforce
Scripts for hunting bugs.
All in One Subdomain Finder Tool is a tool to search for subdomains of an inputted domain.
A collection of custom security tools for quick needs.
Python package dependency confusion vulnerability POC. Impact this vulnerability is Remote code execution (RCE)
CloudSniffer is a powerful tool designed to aid in the discovery of the real IP address of a website protected by Cloudflare. It leverages brute force techniques by testing a list of IP addresses and analyzing the status codes returned by the server to uncover the actual IP address of the target website.
hostinject (Host Header Injection) Tool is a Python script that allows you to perform host header injection vulnerability testing on a target URL or a list of URLs. It injects various header values and checks for potential vulnerabilities.
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Tool to remove ANSI characters from text files.
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Online tips and explain the commands, for the better understanding of new hunters..
CVE-2022-44268 ImageMagick Arbitrary File Read - Proof of Concept exploit
Add a description, image, and links to the bugbountytips topic page so that developers can more easily learn about it.
To associate your repository with the bugbountytips topic, visit your repo's landing page and select "manage topics."