Karanxa/Bug-Bounty-Wordlists external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Karanxa/Bug-Bounty-Wordlists

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Karanxa/Bug-Bounty-Wordlists)

Close

Karanxa / Bug-Bounty-WordlistsView on GitHubMore

• External links
• Readme badge

A repository that includes all the important wordlists used while bug hunting.

☆1,379Mar 11, 2023Updated 2 years ago

Alternatives and similar repositories for Bug-Bounty-Wordlists

Users that are interested in Bug-Bounty-Wordlists are comparing it to the libraries listed below

• six2dez / OneListForAll

  View on GitHub
  Rockyou for web fuzzing
  ☆3,028Feb 11, 2026Updated 3 weeks ago
• Sh1Yo / x8

  View on GitHub
  Hidden parameters discovery suite
  ☆2,028Sep 8, 2024Updated last year
• daffainfo / AllAboutBugBounty

  View on GitHub
  All about bug bounty (bypasses, payloads, and etc)
  ☆6,658Sep 8, 2023Updated 2 years ago
• dwisiswant0 / awesome-oneliner-bugbounty

  View on GitHub
  A collection of awesome one-liner scripts especially for bug bounty tips.
  ☆3,077Jul 29, 2024Updated last year
• xnl-h4ck3r / xnLinkFinder

  View on GitHub
  A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets
  ☆1,529Jan 15, 2026Updated last month
• orwagodfather / WordList

  View on GitHub
  ☆858Dec 26, 2025Updated 2 months ago
• xm1k3 / cent

  View on GitHub
  Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…
  ☆1,039Aug 23, 2025Updated 6 months ago
• KingOfBugbounty / KingOfBugBountyTips

  View on GitHub
  Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens…
  ☆5,223Jan 31, 2026Updated last month
• HolyBugx / HolyTips

  View on GitHub
  A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
  ☆1,977Sep 5, 2021Updated 4 years ago
• 0xJin / awesome-bugbounty-builder

  View on GitHub
  Awesome Bug bounty builder Project
  ☆675Feb 15, 2023Updated 3 years ago
• NagliNagli / Shockwave-OSS

  View on GitHub
  ☆756Jun 26, 2024Updated last year
• xnl-h4ck3r / waymore

  View on GitHub
  Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!
  ☆2,552Updated this week
• ayadim / Nuclei-bug-hunter

  View on GitHub
  i will upload more templates here to share with the comunity.
  ☆567Apr 17, 2024Updated last year
• 0xPugal / fuzz4bounty

  View on GitHub
  1337 Wordlists for Bug Bounty Hunting
  ☆932Updated this week
• s0md3v / uro

  View on GitHub
  declutters url lists for crawling/pentesting
  ☆1,531Feb 23, 2025Updated last year
• ayoubfathi / leaky-paths

  View on GitHub
  A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…
  ☆1,024Feb 22, 2026Updated last week
• m4ll0k / BBTz

  View on GitHub
  BBT - Bug Bounty Tools (examples💡)
  ☆1,883Apr 5, 2024Updated last year
• KathanP19 / HowToHunt

  View on GitHub
  Collection of methodology and test case for various web vulnerabilities.
  ☆7,039Jun 25, 2025Updated 8 months ago
• trickest / wordlists

  View on GitHub
  Real-world infosec wordlists, updated regularly
  ☆1,642Updated this week
• lutfumertceylan / top25-parameter

  View on GitHub
  For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
  ☆1,820Jun 9, 2024Updated last year
• KathanP19 / JSFScan.sh

  View on GitHub
  Automation for javascript recon in bug bounty.
  ☆1,069Sep 9, 2023Updated 2 years ago
• 0xmaximus / Galaxy-Bugbounty-Checklist

  View on GitHub
  Tips and Tutorials for Bug Bounty and also Penetration Tests.
  ☆1,707Oct 7, 2025Updated 4 months ago
• streaak / keyhacks

  View on GitHub
  Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
  ☆6,082Aug 14, 2024Updated last year
• xnl-h4ck3r / GAP-Burp-Extension

  View on GitHub
  Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
  ☆1,500Jan 8, 2026Updated last month
• vavkamil / awesome-bugbounty-tools

  View on GitHub
  A curated list of various bug bounty tools
  ☆5,817Feb 9, 2026Updated 3 weeks ago
• Josue87 / gotator

  View on GitHub
  Gotator is a tool to generate DNS wordlists through permutations.
  ☆506Jul 17, 2022Updated 3 years ago
• Dheerajmadhukar / 4-ZERO-3

  View on GitHub
  403/401 Bypass Methods + Bash Automation + Your Support ;)
  ☆1,574Jun 6, 2022Updated 3 years ago
• arkadiyt / bounty-targets-data

  View on GitHub
  This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for …
  ☆3,659Updated this week
• punishell / bbtips

  View on GitHub
  BugBountyTips
  ☆413Jul 31, 2025Updated 7 months ago
• 1ndianl33t / Gf-Patterns

  View on GitHub
  GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
  ☆1,401Sep 13, 2024Updated last year
• emadshanab / Nuclei-Templates-Collection

  View on GitHub
  Nuclei Templates Collection
  ☆1,081Dec 25, 2025Updated 2 months ago
• sw33tLie / bbscope

  View on GitHub
  Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
  ☆1,272Feb 27, 2026Updated last week
• devanshbatham / Awesome-Bugbounty-Writeups

  View on GitHub
  A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
  ☆5,551Aug 6, 2023Updated 2 years ago
• trickest / inventory

  View on GitHub
  Asset inventory of over 800 public bug bounty programs.
  ☆1,520Feb 14, 2025Updated last year
• kleiton0x00 / Advanced-SQL-Injection-Cheatsheet

  View on GitHub
  A cheat sheet that contains advanced queries for SQL Injection of all types.
  ☆3,154May 13, 2023Updated 2 years ago
• reddelexc / hackerone-reports

  View on GitHub
  Top disclosed reports from HackerOne
  ☆5,358Updated this week
• sehno / Bug-bounty

  View on GitHub
  Ressources for bug bounty hunting
  ☆1,907Dec 1, 2022Updated 3 years ago
• devanshbatham / ParamSpider

  View on GitHub
  Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
  ☆3,012Jun 24, 2024Updated last year
• NafisiAslH / KnowledgeSharing

  View on GitHub
  ☆1,116Jul 26, 2023Updated 2 years ago