Sudistark / BB-Writeups

Related projects ⓘ

Alternatives and complementary repositories for BB-Writeups

• tamimhasan404 / Gau-Expose
  It grep subdomains, email/username, build custom wordlist etc from gau results
  ☆45Updated 2 years ago
• emadshanab / DIR-WORDLISTS
  Some wordlists collected form github to all bug bounty hunters.
  ☆27Updated 3 years ago
• leetIbrahim / JSNotify
  JSNotify is a Python script designed to monitor JavaScript files in a specified directory for changes. This tool can be used by developer…
  ☆18Updated last year
• PatrikFehrenbach / vilicus
  vīlicus is a bug bounty api dashboard
  ☆40Updated last year
• 0xElkot / My-Nuclei-Templates
  ☆32Updated 2 years ago
• emadshanab / femida
  Automated blind-xss search for Burp Suite
  ☆24Updated 2 years ago
• 0xRTH / IISRecon
  IIS shortname scanner + bruteforce
  ☆49Updated 9 months ago
• h1pmnh / sqli-dojo-docker
  A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment
  ☆39Updated 5 months ago
• projectmonke / shortnameguesser
  A tool to guess the rest of the shortnames provided by vulnerable IIS instances.
  ☆36Updated last year
• akincibor / 403-bypass
  Enhanced 403 bypass header
  ☆21Updated 2 years ago
• Ravirajrao / HackerOne-Reports
  Cool HackerOne Reports
  ☆18Updated 2 years ago
• akshaysharma016 / aem-detector
  ☆20Updated last year
• NitinYadav00 / gf-patterns
  Some of the gf patterns which i use
  ☆39Updated 2 years ago
• SirBugs / JsValidator
  JsValidator is a tool created for validating the JS files after crawlling it from waybackurls
  ☆18Updated last year
• ethicalhackingplayground / aem-eye
  A very simple AEM detector written in rust.🦀
  ☆20Updated last year
• bsysop / blind-ssrf-chains
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆16Updated 3 years ago
• emadshanab / Blind-XSS-burp-match-and-replace
  ☆28Updated 11 months ago
• adrianlarion / pegaxss
  Magic Header Blind Xss tool (deliver blind xss payloads in request headers).
  ☆27Updated 3 years ago
• Ravaan21 / Chandrahasa
  A solid recon tool I use personally.
  ☆30Updated last year
• k4k4r07 / CertSubDumb
  Basic Bash Script to scrape all subdomains from crtsh in a single run
  ☆18Updated 2 years ago
• rook1337 / hakrawlerx8chain
  ☆14Updated 3 years ago
• alyrezo / FindBBP
  Bug Bounty Program Discovery tool, that discovers bug Bounty Program via security.txt file by default and you can use custom dork
  ☆15Updated 2 years ago
• vitorfhc / queryxss
  Tool for testing reflections in the HTTP responses
  ☆60Updated last year
• emadshanab / Content-Discovery-Web-Dir-Bruteforce-wordlists-Collection
  ☆35Updated 11 months ago
• akshukatkar / bbtools
  basic bbtools , buggy , not recommended to use
  ☆34Updated 4 months ago
• xnl-h4ck3r / LookMark
  A browser bookmark to show hidden fields and enable disabled fields on a web page
  ☆17Updated last year
• sys0wn / css-scrollbar-attack
  PoC for leaking text nodes via CSS injection
  ☆15Updated 3 months ago
• BitTheByte / BitMapper
  Burp-suite Extension For finding .map files
  ☆42Updated 11 months ago
• Sybil-Scan / TLDbrute
  A simple utility to generate domain names with all possible TLDs
  ☆23Updated last year