#Bugbounty-tool
Showing 60 of 76 repositories tagged #bugbounty-tool, ranked by stars
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.
π Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes
A curated collection of top-tier penetration testing tools and productivity utilities across multiple domains. Join us to explore, contribute, and enhance your hacking toolkit!
The fastest dork scanner written in Go.
An IIS short filename enumeration tool
AppSec Payloads Arsenal for Pentration Tester and Bug Bounty Hunters
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
A fast tool to scan client-side prototype pollution vulnerability written in Rust. π¦
A tool to check a bunch of URLs that contain reflecting params.
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
Discover new target domains using Content Security Policy
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
Automated DLL Hijacking Discovery, Validation, and Confirmation. Turning local misconfigurations into weaponized, confirmed attack paths.
βοΈ Removing CDN IPs from the list of IP addresses
TerminatorZ is a highly sophisticated and efficient Offensive CVE Exploitation Framework that scans for top potential vulnerabilities with known CVEs in your web applications.
Tools & Resources for Cyber Security Operations
BugBounty-Recon-Methodology
Nucleimonst3r is a powerful vulnerability scanner that can help Bug Bounty Hunters find low hanging fruit vulnerabilities for known CVEs and exploits but also gather all the technology running behind them for further investigation for a potential target.
Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
WebStor efficiently enumerates all websites across your organizationβs networks and those in your DNS records - including cloud-hosted servers via zone transfer data - stores their responses, and lets you query for known web technologies, including those with zero-day vulnerabilities.
Archive of Potential Insider Threats
Ultimate Tasks Automation Framework for Hackers, DevSecOps, Pentesters, and Bug-bounty hunters!
CloudSniffer is a powerful tool designed to aid in the discovery of the real IP address of a website protected by Cloudflare. It leverages brute force techniques by testing a list of IP addresses and analyzing the status codes returned by the server to uncover the actual IP address of the target website.
PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of sensitive information in your command history.
This is a useful Python script for extracting bug bounty or any other write-ups from every RSS.
Chrome and Firefox extension that lists Amazon S3 Buckets while browsing
Frida scripts for mobile application dynamic-analysis.
Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
The First Open Source Bug Bounty Platform
Dump all available paths and/or endpoints on WADL file.
Find Email Spoofing Vulnerablity of domains
Simplify your life with leak detection in JavaScript. NipeJS streamlines the use of regex, making it effortless to uncover potential leaks.
All In One, Fast, Easy Recon Tool
π΅ Gee is tool of stdin to each files and stdout. It is similar to the tee command, but there are more functions for convenience. In addition, it was written as go
acunetix-13 install in kali linux
Discord bot created to automate bug bounty recon, automated scans and information gathering via a discord server
AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innovative extension harnesses the power of AI to automate vulnerability detection, provide intelligent analysis, and assist security professionals in identifying complex security issues.
simple recon tool to help you for searching vulnerability on web server
Subdosec is a fast, accurate subdomain takeover scanner with no false positives. It also offers a database of sites vulnerable to subdomain takeover (public results), along with detailed metadata like IP, CNAME, TITLE, and STATUS CODE for reconnaissance to identify potential new vulnerabilities.
DNS and Target HTTP History Local Storage and Search
HackLiners: CyberSec/BugHunting OneLiners
AI-powered pentesting framework with automated recon and exploitation. Multi-source subdomain discovery, active vuln testing (XSS/SQLi/SSRF/IDOR), AI-driven payload generation, local inference, structured reporting. For pentesters and bug bounty hunters.
XSS Finder Via SSTI
Running nuclei Continuously
grapX will iterate through the URLs and grep the endpoints with all possible extensions.
NemesisTools PowerFull Hacking Tools
π΅οΈββοΈπ A tool with several scanning techniques that extracts live IP addresses from a list of IP addresses or CIDR notations.
3klector is an automation Recon tool which collecting information about Acquisitions and ASN which related to Big Scope company
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Online tips and explain the commands, for the better understanding of new hunters..
Burp Suite Proxy Toggler Lite Add-on for Mozilla Firefox.
ParamX is a tool designed to extract and categorize interesting subdomains and parameters from URLs.
Barcha is your SwissβArmy knife for SQL Injection reconnaissance π. Written in Go, it automates: Shodan enumeration of SSL hosts π΅οΈββοΈ Liveness & redirect checks (ignores bad certs) π Automated Ghauri tests for each host π‘οΈ SQLite logging of every scan π
A tool for detecting subdomain takeover vulnerabilities by checking DNS records
Inside403 is a powerful and versatile web security testing tool designed to assess the robustness of web pages and directories against 403 Forbidden errors. This tool is specifically crafted for security professionals, penetration testers, and ethical hackers who seek to identify potential vulnerabilities in web applications.