Asset inventory of over 800 public bug bounty programs.
-
Updated
Jun 13, 2024 - Shell
Asset inventory of over 800 public bug bounty programs.
OWASP BLT is a bug logging tool to report issues and get points, companies are held accountable.
Cyber Security Notes, Methodology, Resources and Tips
All in one web Recon app
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Dump all available paths and/or endpoints on WADL file.
Apache HugeGraph Server Unauthenticated RCE - CVE-2024-27348 Proof of concept Exploit
🚀 A DNS automated scanner and tool 🖱️ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).
Find Admin Pages is a simple and efficient Bash script for bug bounty, and security researchers. Its been written to search through source code for potential admin pages.
A rule-driven engine designed for seamless extraction of data from JavaScript files.
CloudFlare Checker written in Go
Free version :)
Python script for Unify all Parameters with all URLs.
Detect Program Bug Bounty
Things to do while Hacking/Hunting in Web Applications
PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of sensitive information in your command history.
OSINT tools and more but without API key
Add a description, image, and links to the bugbountytips topic page so that developers can more easily learn about it.
To associate your repository with the bugbountytips topic, visit your repo's landing page and select "manage topics."