Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
☆5,338Mar 13, 2026Updated 2 months ago
Alternatives and similar repositories for KingOfBugBountyTips
Users that are interested in KingOfBugBountyTips are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A collection of awesome one-liner scripts especially for bug bounty tips.☆3,120Jul 29, 2024Updated last year
- Collection of methodology and test case for various web vulnerabilities.☆7,114Jun 25, 2025Updated 11 months ago
- All about bug bounty (bypasses, payloads, and etc)☆6,742Sep 8, 2023Updated 2 years ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.☆6,243Aug 14, 2024Updated last year
- BBT - Bug Bounty Tools (examples💡)☆1,894Apr 5, 2024Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference☆5,856Aug 6, 2023Updated 2 years ago
- This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for …☆3,737May 19, 2026Updated last week
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆6,482Sep 14, 2023Updated 2 years ago
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findin…☆7,561May 15, 2026Updated last week
- 🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.☆4,998Updated this week
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, f…☆4,377Sep 30, 2024Updated last year
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep☆1,426Sep 13, 2024Updated last year
- A list of resources for those interested in getting started in bug bounties☆12,013Jul 23, 2024Updated last year
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.☆4,937Mar 20, 2026Updated 2 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing☆3,088Mar 7, 2026Updated 2 months ago
- A collection of hacks and one-off scripts☆2,472Mar 13, 2025Updated last year
- Rockyou for web fuzzing☆3,157Mar 11, 2026Updated 2 months ago
- HTTP parameter discovery suite.☆6,229Feb 20, 2025Updated last year
- Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application☆5,054Dec 21, 2024Updated last year
- declutters url lists for crawling/pentesting☆1,557Feb 23, 2025Updated last year
- Automation for javascript recon in bug bounty.☆1,086Sep 9, 2023Updated 2 years ago
- reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via E…☆8,667Mar 21, 2026Updated 2 months ago
- For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙☆1,836Jun 9, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.☆1,701Jun 20, 2022Updated 3 years ago
- Hidden parameters discovery suite☆2,059Sep 8, 2024Updated last year
- The Swiss Army knife for automated Web Application Testing☆2,343May 8, 2024Updated 2 years ago
- A collection of tools to perform searches on GitHub.☆1,493Feb 9, 2023Updated 3 years ago
- A repository that includes all the important wordlists used while bug hunting.☆1,402Mar 11, 2023Updated 3 years ago
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆5,668Feb 8, 2025Updated last year
- A python script that finds endpoints in JavaScript files☆4,361Apr 13, 2024Updated 2 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆4,191Jul 31, 2024Updated last year
- List of Google Dorks for sites that have responsible disclosure program / bug bounty program☆1,976Dec 8, 2025Updated 5 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Top disclosed reports from HackerOne☆6,078May 16, 2026Updated last week
- A Python program to scrape secrets from GitHub through usage of a large repository of dorks.☆2,547Aug 3, 2024Updated last year
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆1,166Apr 3, 2026Updated last month
- A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.☆2,007Sep 5, 2021Updated 4 years ago
- SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files☆2,453May 26, 2024Updated 2 years ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆1,043Aug 23, 2025Updated 9 months ago
- A curated list of various bug bounty tools☆5,992May 12, 2026Updated 2 weeks ago