#

Bug Bounty

A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.

Here are 1,330 public repositories matching this topic...

PayloadsAllTheThings

swisskyrepo / PayloadsAllTheThings

Sponsor

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

security hacking web-application cheatsheet enumeration penetration-testing bounty vulnerability methodology bugbounty pentest bypass payload payloads hacktoberfest privilege-escalation redteam

Updated Jan 24, 2023
Python

PENTESTING-BIBLE

blaCCkHatHacEEkr / PENTESTING-BIBLE

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Updated Aug 18, 2022

maurosoria / dirsearch

Sponsor

Web path scanner

Updated Jan 27, 2023
Python

nahamsec / Resources-for-Beginner-Bug-Bounty-Hunters

A list of resources for those interested in getting started in bug bounties

education hackers hacking xss bug-bounty web-security bugbounty pentest ssrf bug-bounty-hunters learn2hack

Updated Oct 28, 2022

projectdiscovery / subfinder

Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

osint hacking bugbounty subdomains reconnaissance subdomain-enumeration

Updated Jan 23, 2023
Go

OneForAll

shmilylty / OneForAll

OneForAll是一款功能强大的子域收集工具

Updated Jan 12, 2023
Python

projectdiscovery / nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

security fingerprint exploits nuclei bugbounty vulnerability-detection hacktoberfest exploit-development nuclei-templates nuclei-checks

Updated Jan 27, 2023

wstg

OWASP / wstg

Sponsor

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

security guide best-practices owasp penetration-testing application-security pentesting bugbounty hacktoberfest

Updated Jan 27, 2023
Dockerfile

hetty

dstotijn / hetty

Sponsor

An HTTP toolkit for security research.

http proxy mitm infosec pentesting bugbounty

Updated Jan 27, 2023
Go

rengine

yogeshojha / rengine

Sponsor

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

osint scanner hacking penetration-testing bug-bounty infosec pentesting recon bugbounty scanning information-gathering rengine security-tools reconnaissance scanner-web recon-engine

Updated Jan 18, 2023
JavaScript

EdOverflow / bugbounty-cheatsheet

Sponsor

A list of interesting payloads, tips and tricks for bug bounty hunters.

security infosec bugbounty payloads

Updated Jul 28, 2022

KathanP19 / HowToHunt

Collection of methodology and test case for various web vulnerabilities.

tutorials vulnerability bugbounty bugbountytips bughunting-methodology

Updated Nov 14, 2022

edoardottt / awesome-hacker-search-engines

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

Updated Jan 17, 2023

projectdiscovery / httpx

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

cli http osint pipeline lib cybersecurity ssl-certificate bugbounty hacktoberfest pentest-tool

Updated Jan 23, 2023
Go

j3ssie / osmedeus

A Workflow Engine for Offensive Security

go golang security osint hacking penetration-testing bug-bounty pentesting bugbounty scanning hacking-tool information-gathering security-tools reconnaissance pentest-tool osmedeus

Updated Jan 1, 2023
Go

payloadbox / xss-payload-list

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

Updated Oct 29, 2022

daffainfo / AllAboutBugBounty

Sponsor

All about bug bounty (bypasses, payloads, and etc)

security bug hacking penetration-testing vulnerability infosec bugbounty pentest bypass payload payloads reconnaissance bugbountytips

Updated Dec 9, 2022

can-i-take-over-xyz

EdOverflow / can-i-take-over-xyz

Sponsor

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

security list subdomain infosec bugbounty subdomain-takeovers

Updated Jan 15, 2023
Python

commix

commixproject / commix

Automated All-in-One OS Command Injection Exploitation Tool.

python opensource detection pentesting bugbounty exploitation takeover command-injection vulnerability-scanner

Updated Jan 26, 2023
Python

reconftw

six2dez / reconftw

Sponsor

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

osint scanner hacking subdomain penetration-testing fuzzing infosec raspberry pentesting recon nuclei vulnerabilities bugbounty pentest hacktoberfest reconnaissance hacktoberfest2022

Updated Jan 21, 2023
Shell

Wikipedia: Wikipedia

Related Topics

penetration-testing pentest pentesting security