#Bugbountytips

Showing 60 of 83 repositories tagged #bugbountytips, ranked by stars

daffainfo
daffainfo
AllAboutBugBounty

All about bug bounty (bypasses, payloads, and etc)

Score
96
β˜… 6.8k β‘‚ 1.3k +14/day
devanshbatham
devanshbatham
Awesome-Bugbounty-Writeups

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

Score
100
β˜… 6.0k β‘‚ 1.2k +15/day
Python
hahwul
hahwul
WebHackersWeapons

βš”οΈ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Score
100
β˜… 4.9k β‘‚ 823 +10/day
Ruby
gwen001
gwen001
pentest-tools

A collection of custom security tools for quick needs.

Score
0
β˜… 3.3k β‘‚ 785 β€”
Python
inonshk
inonshk
31-days-of-API-Security-Tips

This challenge is Inon Shkedy's 31 days API Security Tips.

Score
88
β˜… 2.2k β‘‚ 350 β€”
HolyBugx
HolyBugx
HolyTips

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

Score
87
β˜… 2.0k β‘‚ 335 +1/day
lutfumertceylan
lutfumertceylan
top25-parameter

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. πŸ›‘οΈβš”οΈπŸ§™

Score
84
β˜… 1.8k β‘‚ 280 β€”
xalgord
xalgord
Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

Score
92
β˜… 1.8k β‘‚ 297 β€”
j3ssie
j3ssie
metabigor

OSINT tools and more but without API key

Score
99
β˜… 1.6k β‘‚ 188 +30/day
Go
trickest
trickest
inventory

Asset inventory of over 800 public bug bounty programs.

Score
80
β˜… 1.6k β‘‚ 282 β€”
Shell
Viralmaniar
Viralmaniar
BigBountyRecon

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Score
79
β˜… 1.6k β‘‚ 290 +4/day
C#
Cyber-Guy1
Cyber-Guy1
API-SecurityEmpire

API Security Project aims to present unique attack & defense methods in API Security field

Score
78
β˜… 1.4k β‘‚ 251 β€”
hahwul
hahwul
XSpear

πŸ”± Powerfull XSS Scanning and Parameter analysis tool&gem

Score
97
β˜… 1.4k β‘‚ 241 +3/day
Ruby
hahwul
hahwul
MobileHackersWeapons

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

Score
0
β˜… 1.3k β‘‚ 212 β€”
Ruby
indianajson
indianajson
can-i-take-over-dns

"Can I take over DNS?" β€” a list of DNS providers and how to claim vulnerable domains.

Score
75
β˜… 1.1k β‘‚ 101 +1/day
tuhin1729
tuhin1729
Bug-Bounty-Methodology

These are my checklists which I use during my hunting.

Score
71
β˜… 867 β‘‚ 113 β€”
HTML
R0X4R
R0X4R
Garud

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

Score
100
β˜… 810 β‘‚ 181 β€”
Shell
Puliczek
Puliczek
awesome-mcp-security

πŸ”₯πŸ”’ Awesome MCP (Model Context Protocol) Security πŸ–₯️

Score
95
β˜… 721 β‘‚ 170 +3/day
dwisiswant0
dwisiswant0
ppfuzz

A fast tool to scan client-side prototype pollution vulnerability written in Rust. πŸ¦€

Score
0
β˜… 667 β‘‚ 72 β€”
Rust
edoardottt
edoardottt
missing-cve-nuclei-templates

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

Score
93
β˜… 439 β‘‚ 50 β€”
Shell
Puliczek
Puliczek
CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera

🎩 🀟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337

Score
58
β˜… 339 β‘‚ 32 β€”
HTML
trickest
trickest
mksub

Generate tens of thousands of subdomain combinations in a matter of seconds

Score
55
β˜… 276 β‘‚ 27 β€”
Go
rix4uni
rix4uni
GarudRecon

GarudRecon automates domain recon with top open-source tools to discover assets, enumerate subdomains, and detect XSS, SQLi, LFI, RCE & more.

Score
86
β˜… 261 β‘‚ 56 β€”
Shell
h0tak88r
h0tak88r
Sec-88

Cyber Security Notes, Methodology, Resources and Tips

Score
91
β˜… 250 β‘‚ 67 +1/day
serain
serain
bbrecon

Python library and CLI for the Bug Bounty Recon API

Score
89
β˜… 228 β‘‚ 39 +1/day
Python
Puliczek
Puliczek
CVE-2021-21123-PoC-Google-Chrome

πŸ±β€πŸ’» πŸ‘ Google Chrome - File System Access API - vulnerabilities reported by Maciej Pulikowski | Total Bug Bounty Reward: $5.000 | CVE-2021-21123 and 5 more...

Score
45
β˜… 175 β‘‚ 24 β€”
HTML
trickest
trickest
mkpath

Make URL path combinations using a wordlist

Score
47
β˜… 174 β‘‚ 28 β€”
Go
rix4uni
rix4uni
medium-writeups

This repository updates latest Bug Bounty medium writeups every 10 minutes, https://readmedium.com/Medium_URL, https://archive.ph/Medium_URL, https://freedium.cfd/Medium_URL

Score
83
β˜… 172 β‘‚ 30 +1/day
Go
trickest
trickest
insiders

Archive of Potential Insider Threats

Score
41
β˜… 154 β‘‚ 24 β€”
rix4uni
rix4uni
WordList

Custom wordlist, updated regularly

Score
82
β˜… 149 β‘‚ 42 β€”
Go
Alaa-abdulridha
Alaa-abdulridha
CloudSniffer

CloudSniffer is a powerful tool designed to aid in the discovery of the real IP address of a website protected by Cloudflare. It leverages brute force techniques by testing a list of IP addresses and analyzing the status codes returned by the server to uncover the actual IP address of the target website.

Score
49
β˜… 148 β‘‚ 61 β€”
Python
aydinnyunus
aydinnyunus
PassDetective

PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of sensitive information in your command history.

Score
68
β˜… 147 β‘‚ 9 β€”
Go
rix4uni
rix4uni
cvemapping

This repo Gathers all available cve exploits from github.⚠️ Be careful Malware.

Score
76
β˜… 133 β‘‚ 17 β€”
Python
AlecBlance
AlecBlance
S3BucketList

Chrome and Firefox extension that lists Amazon S3 Buckets while browsing

Score
72
β˜… 133 β‘‚ 13 β€”
TypeScript
hahwul
hahwul
hack-pet

🐰 Managing command snippets for hackers/bug bounty hunters. with pet.

Score
37
β˜… 110 β‘‚ 19 β€”
Go
dwisiswant0
dwisiswant0
wadl-dumper

Dump all available paths and/or endpoints on WADL file.

Score
0
β˜… 98 β‘‚ 19 β€”
Go
rix4uni
rix4uni
scope

An automated GitHub Actions-based crawler that fetches and updates public scopes from popular bug bounty platforms (like Hackerone/Bugcrowd/Intigriti/etc) (updates every 10 minutes)

Score
74
β˜… 93 β‘‚ 15 +2/day
Shell
aufzayed
aufzayed
HydraRecon

All In One, Fast, Easy Recon Tool

Score
32
β˜… 90 β‘‚ 16 β€”
Python
securi3ytalent
securi3ytalent
acunetix-13-kali-linux

acunetix-13 install in kali linux

Score
38
β˜… 82 β‘‚ 38 +1/day
filipkarc
filipkarc
sqli-postgres-rce-privesc-hacking-playground

Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.

Score
33
β˜… 82 β‘‚ 23 β€”
PHP
gwen001
gwen001
bugbountytips

Webapp to search tips on Twitter through #bugbountytips

Score
29
β˜… 70 β‘‚ 20 β€”
CSS
xcapri
xcapri
subdosec

Subdosec is a fast, accurate subdomain takeover scanner with no false positives. It also offers a database of sites vulnerable to subdomain takeover (public results), along with detailed metadata like IP, CNAME, TITLE, and STATUS CODE for reconnaissance to identify potential new vulnerabilities.

Score
70
β˜… 64 β‘‚ 21 +1/day
Python
yogsec
yogsec
OSINT-Tools

The OSINT Framework is a powerful collection of tools and methods designed for open-source intelligence gathering. This framework covers a wide range of categories to help security researchers, investigators, and analysts uncover crucial information effectively.

Score
61
β˜… 63 β‘‚ 9 +2/day
x1337loser
x1337loser
bug-bounty-writeup

This repo contains different variants of Bug Bounty & Security & Pentest & Tech related Articles

Score
17
β˜… 59 β‘‚ 10 β€”
darklotuskdb
darklotuskdb
SSTI-XSS-Finder

XSS Finder Via SSTI

Score
21
β˜… 59 β‘‚ 12 β€”
Shell
kljunowsky
kljunowsky
CVE-2023-36845

Juniper Firewalls CVE-2023-36845 - RCE

Score
18
β˜… 55 β‘‚ 13 β€”
Python
kabilan1290
kabilan1290
grapX

grapX will iterate through the URLs and grep the endpoints with all possible extensions.

Score
25
β˜… 55 β‘‚ 22 β€”
Python
rix4uni
rix4uni
xssrecon

XSSRecon automates the process of testing URL parameters for reflection of a test payload rix4uni and further checks how special characters are handled (allowed, blocked, or converted).

Score
67
β˜… 54 β‘‚ 10 β€”
Go
rix4uni
rix4uni
subdog

A powerful subdomain enumeration tool that aggregates data from multiple sources to create comprehensive lists of root subdomains.

Score
63
β˜… 50 β‘‚ 11 +1/day
Go
Spix0r
Spix0r
Nuclei-Community-Templates

A collaborative hub for Nuclei templates. Contribute, share, and explore powerful vulnerability detection tools!

Score
64
β˜… 49 β‘‚ 10 β€”
rix4uni
rix4uni
originiphunter

A powerful Go tool for finding origin IPs of domains by querying multiple security APIs and validating results with built-in HTTP client.

Score
51
β˜… 47 β‘‚ 10 β€”
Go
rix4uni
rix4uni
haktrailsfree

Get 10k subdomains in securitytrails using cookie without apikey.

Score
42
β˜… 40 β‘‚ 17 β€”
Go
rix4uni
rix4uni
Bug-Bounty-Tampermonkey-Scripts
Score
66
β˜… 38 β‘‚ 24 β€”
JavaScript
rix4uni
rix4uni
nucleihub-templates

This repo collects nuclei template from 600+ github repos, updates every 6 hours.

Score
62
β˜… 38 β‘‚ 21 β€”
securi3ytalent
securi3ytalent
bug-bounty-tips

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Online tips and explain the commands, for the better understanding of new hunters..

Score
12
β˜… 36 β‘‚ 11 β€”
Python
hahwul
hahwul
MemBi

All the members of bugbounty and infosec. If you don't know who to follow, see!

Score
9
β˜… 36 β‘‚ 7 β€”
Go
samirettali
samirettali
bounty-notes

My bug bounty notes

Score
13
β˜… 35 β‘‚ 13 β€”
rix4uni
rix4uni
tldscan

A high-performance domain scanner that discovers active domains by testing multiple Top-Level Domains (TLDs) for given domain names.

Score
54
β˜… 35 β‘‚ 2 +1/day
Go
S1N6H
S1N6H
Barcha

Barcha is your Swiss‑Army knife for SQL Injection reconnaissance πŸ”. Written in Go, it automates: Shodan enumeration of SSL hosts πŸ•΅οΈβ€β™‚οΈ Liveness & redirect checks (ignores bad certs) πŸ”„ Automated Ghauri tests for each host πŸ›‘οΈ SQLite logging of every scan πŸ”–

Score
8
β˜… 33 β‘‚ 5 +1/day
Go
rix4uni
rix4uni
emailextractor

High-speed Go email scraper that crawls sites and internal links concurrently to collect email addresses for reconnaissance, research, or sales intelligence.

Score
59
β˜… 33 β‘‚ 8 β€”
Go
Related Topics
#bugbounty#security#hacking#pentesting#infosec#penetration-testing#recon#security-tools#bug-bounty#reconnaissance#osint#pentest-tool

Β© 2026 GitRepoTrend Β· GitHub repositories by topic Β· Updated weekly