A curated list of various bug bounty tools

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect

Fourth iteration of my personal website built with Gatsby

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

A Workflow Engine for Offensive Security

Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.

Compilation of JavaScript XSS oneliners payloads that rocks your nuts!

Organize your API security assessment by using MindAPI. It's free and open for community collaboration.

Serpscan is a powerfull php script designed to allow you to leverage the power of dorking straight from the comfort of your command line.

Bug Bounty Roadmaps

This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection

Automating XSS using Bash

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

403/401 Bypass Methods + Bash Automation + Your Support ;)

PDF slides

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

A Python program to scrape secrets from GitHub through usage of a large repository of dorks.

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

⚡ A collection of awesome lists, manuals, blogs, hacks, one-liners, cli/web tools and more. Especially for System and Network Administrators, DevOps, Pentesters or Security Researchers.

Collections of Orange Tsai's public presentation slides.

Now, the Host is Mine! - Super Fast Sub-domain Takeover Detection!

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

All about bug bounty (bypasses, payloads, and etc)

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.