EdOverflow / bug-bounty-responses

Related projects ⓘ

Alternatives and complementary repositories for bug-bounty-responses

• craighays / bucketkicker
  Brute force AWS bucket finder
  ☆59Updated last year
• tdr130 / assetnote
  Push notifications for passive DNS data
  ☆107Updated 8 years ago
• secdec / attack-surface-detector-burp
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆98Updated 10 months ago
• JR0ch17 / S3Cruze
  All-in-one AWS S3 bucket tool for pentesters.
  ☆70Updated 5 years ago
• lc / hacks
  Repo of useful scripts
  ☆104Updated 4 years ago
• brianwarehime / inSp3ctor
  AWS S3 Bucket/Object Finder
  ☆115Updated 3 years ago
• appsecco / practical-recon-levelup0x02
  This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…
  ☆60Updated 5 years ago
• random-robbie / AWS-Scanner
  Scans a list of websites for Cloudfront or S3 Buckets
  ☆104Updated 2 years ago
• orlyjamie / asnrecon
  ASN reconnaissance script
  ☆124Updated 9 months ago
• random-robbie / open-redirect
  Open Redirect Finder.
  ☆48Updated 4 months ago
• ollseg / ttt-ext
  Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.
  ☆82Updated 5 years ago
• tomdev / teh_s3_bucketeers
  ☆272Updated 3 years ago
• PortSwigger / aws-security-checks
  AWS Security Checks
  ☆36Updated 6 years ago
• agrawalsmart7 / autoRecon
  This tool is for automate the initial things that we usually do in daily pentesting. So you can focus more on the main target.
  ☆78Updated 5 years ago
• secdec / attack-surface-detector-zap
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆61Updated last year
• EdOverflow / h1-cli
  A CLI tool to interact with hackerone.com. This was my submission for HackerOne's Summer 2018 Hack Day.
  ☆36Updated 6 years ago
• almroot / dnsresolvers
  A bash script that fetches and maintains thousands of DNS resolvers
  ☆65Updated 4 years ago
• FishermansEnemy / bucket_finder
  Amazon bucket brute force tool
  ☆95Updated 11 years ago
• lc / cspparse
  A tool to evaluate Content Security Policies.
  ☆71Updated 4 years ago
• maK- / scanomaly-2years
  This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping
  ☆46Updated 4 years ago
• smiegles / mass3
  ☆124Updated 5 years ago
• random-robbie / bugbountydork
  Bug Bounty Dork
  ☆67Updated 2 years ago
• EdOverflow / proof-of-concepts
  A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
  ☆162Updated 5 years ago
• GoonSecurity / Rupert
  ☆20Updated last year
• shivsahni / NSBrute
  Python utility to takeover domains vulnerable to AWS NS Takeover
  ☆85Updated last year
• Abss0x7tbh / bass
  Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …
  ☆141Updated 6 months ago
• lc / brute53
  A tool to bruteforce nameservers when working with subdomain delegations to AWS.
  ☆58Updated 5 years ago
• random-robbie / metadata-one-liners
  retrive metadata endpoint data with these one liners.
  ☆37Updated 4 years ago
• ticarpi / my-pentesting-repo
  This is a set of tips and reminders for pentesting processes and scripts/programs. Initially for personal use, but if anyone else finds t…
  ☆52Updated 4 years ago
• JordyZomer / autoSubTakeover
  A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…
  ☆131Updated last year