Bug Bounty Web and API Payloads
☆39Feb 5, 2026Updated last month
Alternatives and similar repositories for Bug_Bounty_Web_and_API_Tools
Users that are interested in Bug_Bounty_Web_and_API_Tools are comparing it to the libraries listed below
Sorting:
- P2P Communications of Named Pipes☆12Dec 11, 2025Updated 2 months ago
- Example for the Google Chrome cache attack to inject custom code into web pages (macOS, Linux, browser version: 124.0.6367.62 and older)☆12May 10, 2024Updated last year
- Adapted PE Loader to load a rc4 encrypted mimikatz shellcode into memory with specified arguments before exiting.☆16Jun 2, 2025Updated 9 months ago
- RobinHood - Bug Hunting Recon Automation Script☆37Nov 18, 2022Updated 3 years ago
- Fuzz every path with goky☆15Jan 4, 2024Updated 2 years ago
- XMLRPC - RCE in MovableTypePoC☆21Mar 21, 2022Updated 3 years ago
- Some oneliners with descriptions and Regex that I frequently use while doing bug hunting. More to come 🚀🚀☆22Dec 24, 2022Updated 3 years ago
- this repo contains some public methodologies which I found from internet (google,telegram,discord,writeups etc..)☆30May 30, 2024Updated last year
- Custom nuclei templates for bug hunting.....☆26May 30, 2024Updated last year
- Sec-Payloads, It's a collection of multiple types of lists used during security assessments & used for bug bounty hunting or penetration …☆10Nov 17, 2025Updated 3 months ago
- DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE☆27Nov 28, 2021Updated 4 years ago
- XSSB is a proactive DOM sanitizer, defending against client-side injection attacks!☆38Aug 26, 2018Updated 7 years ago
- Resources from Jamal & Giuliana's presentation on reserving bytecode into bounties for Jira and Confluence Plugins [BSides Canberra and K…☆22Nov 7, 2025Updated 3 months ago
- ☆10Dec 30, 2020Updated 5 years ago
- Python Exploitation Framework☆30Updated this week
- AISecLists - Your AI Red Teaming Arsenal. Discover a curated collection of prompt lists for diverse AI security assessments, including LL…☆13Jan 18, 2025Updated last year
- Fast path fuzzing for hidden web directories.☆19Aug 6, 2025Updated 7 months ago
- This tool will help you to find CVEs, exploits, or possible 0-Days for a specific technology.☆16Jun 11, 2024Updated last year
- Making a lab and testing the CVE-2024-3116, a Remote Code Execution in pgadmin <=8.4☆12Apr 11, 2024Updated last year
- oursms.app client library that allows you to send SMS☆11Aug 27, 2022Updated 3 years ago
- This JavaScript CLI "undeletes' packages that have been removed from the NPM registry☆29Dec 18, 2025Updated 2 months ago
- Extensor is a command-line tool designed to help users quickly gather URLs containing specific file extensions from a given source (e.g.,…☆10Mar 13, 2024Updated last year
- Caddy module to throttle incoming connection bandwidth☆15Oct 14, 2025Updated 4 months ago
- ☆21Jul 25, 2017Updated 8 years ago
- ☆12Jul 4, 2024Updated last year
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- Apache OfBiz Auth Bypass Scanner for CVE-2023-51467☆11Dec 31, 2023Updated 2 years ago
- Tutorials and Things to Do while Hunting Vulnerability.☆13Aug 30, 2022Updated 3 years ago
- [Forked] This repo is for learning various heap exploitation techniques.☆10Sep 6, 2018Updated 7 years ago
- Sweetuu is a Advance Shell which can be used to achieve RCE easily through LFI & RFI. For easy wins in bug bounty, upload sweetuu instead…☆10Dec 16, 2024Updated last year
- ☆12Nov 17, 2024Updated last year
- 1000个PHP代码审计案例(2016.7以前乌云公开漏洞)☆11Sep 30, 2016Updated 9 years ago
- Just simple PoC for the Atlassian Jira exploit. Provides code execution for unauthorised user on a server.☆11Jul 21, 2022Updated 3 years ago
- Data Engineer Project: An end-to-end Airflow data pipeline with BigQuery, dbt Soda, and more!☆11Dec 14, 2023Updated 2 years ago
- ☆10Jul 28, 2021Updated 4 years ago
- MonoX被攻击事件的分析和复现☆10Dec 2, 2021Updated 4 years ago
- Ivanti Pulse Secure CVE-2023-46805 Scanner - Based on Assetnote's Research☆12Jan 19, 2024Updated 2 years ago
- 基于JavaFX框架做的一款安卓漏洞分析桌面软件,采用了反编译技术与静态分析技术,上传apk包即可分析APP可能包含的风险。☆14Nov 23, 2022Updated 3 years ago
- 一个可以全端口捕获流量的简易蜜罐 tcppc: A simple honeypot to capture TCP/TLS/UDP payloads on ALL ports.☆13Aug 3, 2022Updated 3 years ago