Resources I consider useful for security research of web applications
☆61Dec 15, 2020Updated 5 years ago
Alternatives and similar repositories for bug-bounty-resources
Users that are interested in bug-bounty-resources are comparing it to the libraries listed below
Sorting:
- Cheat Sheets, Metodologies etc.☆19Apr 12, 2019Updated 6 years ago
- A curated list of amazingly bug bounty tips from security researchers around the world.☆104Mar 14, 2019Updated 6 years ago
- CTF Writeups☆12Feb 25, 2023Updated 3 years ago
- Bug Bounty Tools☆34Jul 2, 2020Updated 5 years ago
- ☆14Nov 29, 2019Updated 6 years ago
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…☆18May 17, 2020Updated 5 years ago
- A kinda reckless dns resolver. Still under development.☆16Mar 23, 2020Updated 5 years ago
- Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've h…☆28Jun 10, 2019Updated 6 years ago
- ☆43Feb 26, 2019Updated 7 years ago
- Misc. Public Reports of Penetration Testing and Security Audits.☆35Jan 8, 2021Updated 5 years ago
- Auto Recon Bash Script☆31Dec 31, 2024Updated last year
- Facebook Bug Bounties☆106Feb 24, 2021Updated 5 years ago
- ☆21Nov 13, 2019Updated 6 years ago
- Practice Web App written in python with some vulnerabilities.☆34Mar 19, 2021Updated 4 years ago
- Repository contains an online education portal filled with web vulnerabilities.☆21Jan 3, 2020Updated 6 years ago
- Automate Recon process using Shell Scripting☆11Nov 26, 2021Updated 4 years ago
- CRLFMap is a tool to find HTTP Splitting vulnerabilities☆25Jul 31, 2020Updated 5 years ago
- Security Advisories☆11Sep 22, 2019Updated 6 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆38Nov 8, 2017Updated 8 years ago
- A comprehensive curated list of available Blockchain Bug Bounty Programs.☆79Feb 22, 2019Updated 7 years ago
- Attacking and defending web and VPN session hijacking in Pulse Secure Connect☆14Oct 24, 2019Updated 6 years ago
- Purple Team Workshop by @jorgeorchilles☆12Apr 26, 2025Updated 10 months ago
- ☆30Dec 23, 2020Updated 5 years ago
- vulnerable single sign on☆150Aug 1, 2024Updated last year
- Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will m…☆99Dec 30, 2019Updated 6 years ago
- This repository is created for personal use and added tools from my blog post.☆14Aug 27, 2023Updated 2 years ago
- The Recon scanning tool scans websites for open files & directories specified in the custom config file. Default server configuration fil…☆15Apr 4, 2018Updated 7 years ago
- Tool for checking reflecting Parameters in a URL.☆10Aug 31, 2020Updated 5 years ago
- Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab W…☆107Feb 11, 2019Updated 7 years ago
- Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations☆58Jul 26, 2020Updated 5 years ago
- All The Notes And Tips I FOund In Github And Twitter I Put Them Here☆35Aug 31, 2020Updated 5 years ago
- CVE-2019-12949☆26Jun 28, 2019Updated 6 years ago
- Writeup for HackerOne H1-415 2020 CTF☆32Feb 3, 2020Updated 6 years ago
- Good resources about web security that I have read.☆27Jul 23, 2023Updated 2 years ago
- This is a docker environment ready set up for multiple WooCommerce Plugin vulnerabilities.☆30Dec 1, 2020Updated 5 years ago
- Simple multi threaded tool to extract domain related data from commoncrawl.org☆31Jul 17, 2018Updated 7 years ago
- Match and Replace script used to automatically generate JSON option file to BurpSuite☆215May 13, 2019Updated 6 years ago
- ☆14Jul 8, 2019Updated 6 years ago
- This repo contains resources to help learn and understand penetration testing☆15May 9, 2018Updated 7 years ago