A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
☆99Jul 10, 2021Updated 4 years ago
Alternatives and similar repositories for targets
Users that are interested in targets are comparing it to the libraries listed below
Sorting:
- A Simple Tool to Pull Paid Bounty Scopes for Wide Recon Actvities☆106Feb 22, 2021Updated 5 years ago
- Framework to automate Bug Bounty Reconnaissance☆43Jan 4, 2021Updated 5 years ago
- Subdomain Monitor A production-ready subdomain monitoring system with both API and CLI interfaces.☆74Jan 28, 2026Updated last month
- Scan any HackerOne program with Nuclei☆14Sep 21, 2021Updated 4 years ago
- Related subdomains finder☆28May 18, 2022Updated 3 years ago
- OpenBugBounty - https://www.openbugbounty.org/ programs list☆23Mar 15, 2021Updated 4 years ago
- KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Po…☆59Sep 6, 2021Updated 4 years ago
- Some wordlists collected form github to all bug bounty hunters.☆39Jul 30, 2021Updated 4 years ago
- A notification script to help with Recon Stuff☆14Jun 8, 2021Updated 4 years ago
- BugBounty , sort and delete duplicates param value without missing original value☆22Jul 31, 2021Updated 4 years ago
- Script to test open Akamai ARL vulnerability.☆69Aug 11, 2021Updated 4 years ago
- ☆59Apr 8, 2021Updated 4 years ago
- Most of the Google Acquisitions for Bug Bounty Hunter.☆64Sep 3, 2022Updated 3 years ago
- Extract SSL certificate data (Subject Name, Subject Alt Names, Organisation)☆42Nov 10, 2025Updated 3 months ago
- Tips For Bug Bounty Hunters☆86Jul 16, 2022Updated 3 years ago
- A BurpSuite plugin for BBRF☆25Nov 17, 2024Updated last year
- Guide to SSRF☆74Oct 10, 2023Updated 2 years ago
- Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common m…☆75Mar 22, 2024Updated last year
- A blind XSS detection and XSS data capture framework☆175Dec 6, 2025Updated 3 months ago
- The project aims at creating target-specific wordlists for any web application that you are testing.☆66May 28, 2022Updated 3 years ago
- Magic Header Blind Xss tool (deliver blind xss payloads in request headers).☆25May 30, 2021Updated 4 years ago
- Bugbounty scope tool☆332Mar 5, 2025Updated last year
- Static analysis of wordpress plugins☆59Dec 16, 2020Updated 5 years ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆1,039Aug 23, 2025Updated 6 months ago
- Horizontal Domain Discovery☆77May 22, 2023Updated 2 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…☆174Nov 11, 2020Updated 5 years ago
- De-clutter a list of URLs☆385Feb 3, 2026Updated last month
- Signatures for jaeles scanner by @j3ssie☆117Apr 20, 2024Updated last year
- ☆299Jul 16, 2022Updated 3 years ago
- ☆200Jun 6, 2019Updated 6 years ago
- Get related domains / subdomains by looking at Google Analytics IDs☆250Jun 3, 2022Updated 3 years ago
- A Python tool to automate some dorking stuff to find information disclosures.☆155Jul 3, 2024Updated last year
- Test the speed and reliability of a list of DNS servers☆22Dec 9, 2020Updated 5 years ago
- Various Payload wordlists☆240Apr 26, 2025Updated 10 months ago
- Full Nuclei automation script with logic explanation.☆246Mar 26, 2022Updated 3 years ago
- I will share my bug bounty tips here☆32Mar 6, 2023Updated 3 years ago
- HTTP Request Smuggling Detection Tool☆535Dec 21, 2023Updated 2 years ago
- Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)☆458May 10, 2019Updated 6 years ago
- ☆11Oct 20, 2022Updated 3 years ago