This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔

Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term (dork) with a default set of websites, bug bounty programs or custom collection.

Bugcrowd’s baseline priority ratings for common security vulnerabilities

Monitoring framework to detect and report newly found subdomains on a specific target using various scanning tools

Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found

Python library and CLI for the Bug Bounty Recon API

Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities

Cryptography Tool | RSA Attacks

BugBounty Tool

Web-based Android debugger with inspection capabilities using Frida and Jadx as a backbone

Tool to find stored robots.txt files from the past

Credentials Checking Framework

Python implementation of a Bugcrowd api client.

Automating tool for bug hunting recon and bug discovery

Supply a domain to retrieve acquisitions details.

A tool for spider multiple URLs & check for sensitive variables in code.