A collection of templates for bug bounty reporting
☆444Dec 15, 2025Updated 2 months ago
Alternatives and similar repositories for BugBountyTemplates
Users that are interested in BugBountyTemplates are comparing it to the libraries listed below
Sorting:
- A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily rep…☆257Aug 30, 2023Updated 2 years ago
- Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)☆459May 10, 2019Updated 6 years ago
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆6,382Sep 14, 2023Updated 2 years ago
- This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for …☆3,659Updated this week
- Bug Bounty statistics tool.☆33Nov 17, 2022Updated 3 years ago
- BBT - Bug Bounty Tools (examples💡)☆1,883Apr 5, 2024Updated last year
- Hacked together script for feeding urls into Burp's Sitemap☆92Dec 7, 2025Updated 2 months ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.☆6,082Aug 14, 2024Updated last year
- This tool can be used to brute discover GET and POST parameters☆1,394Aug 24, 2019Updated 6 years ago
- BountyDash is a tool to combine your rewards from all platforms, giving you insights about your progress and bug hunting patterns.☆163Apr 24, 2025Updated 10 months ago
- List of Google Dorks for sites that have responsible disclosure program / bug bounty program☆1,875Dec 8, 2025Updated 2 months ago
- Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens…☆5,223Jan 31, 2026Updated last month
- A python script that finds endpoints in JavaScript files☆4,294Apr 13, 2024Updated last year
- A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.☆5,451Jan 15, 2024Updated 2 years ago
- ☆34Oct 1, 2019Updated 6 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆4,068Jul 31, 2024Updated last year
- Note: Going through a full re-write of the tooling so the current versions in the repo do not work!☆416May 18, 2020Updated 5 years ago
- A collection of awesome one-liner scripts especially for bug bounty tips.☆3,077Jul 29, 2024Updated last year
- Poor (rich?) man's bug bounty pipeline https://dubell.io☆288Apr 24, 2023Updated 2 years ago
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆629Feb 5, 2019Updated 7 years ago
- Ressources for bug bounty hunting☆1,906Dec 1, 2022Updated 3 years ago
- Subdomain Takeover tool written in Go☆2,033Aug 13, 2023Updated 2 years ago
- A collection of hacks and one-off scripts☆2,424Mar 13, 2025Updated 11 months ago
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep☆1,401Sep 13, 2024Updated last year
- All known and unknown public POC's for wordpress themes and plugins☆79Jun 23, 2021Updated 4 years ago
- Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.☆543Aug 23, 2018Updated 7 years ago
- The Bug Hunters Methodology☆4,260Aug 1, 2023Updated 2 years ago
- A multi-platform bug bounty toolkit that can be installed on Debian/Ubuntu or set up with Docker.☆1,177Aug 16, 2023Updated 2 years ago
- A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference☆5,551Aug 6, 2023Updated 2 years ago
- Various Payload wordlists☆240Apr 26, 2025Updated 10 months ago
- Secret and/or credential patterns used for gf.☆243Feb 10, 2023Updated 3 years ago
- A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.☆1,977Sep 5, 2021Updated 4 years ago
- Fetches javascript file from a list of URLS or subdomains.☆837Jul 22, 2025Updated 7 months ago
- A fuzzer for detecting open redirect vulnerabilities☆782Jul 1, 2024Updated last year
- ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.☆2,244Jan 8, 2026Updated last month
- A collection of custom security tools for quick needs.☆3,284May 1, 2023Updated 2 years ago
- Burp plugin that clusters responses to show an overview of received responses☆15Jun 7, 2019Updated 6 years ago
- Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.☆472Nov 10, 2022Updated 3 years ago
- Automated blind-xss search for Burp Suite☆285Oct 10, 2019Updated 6 years ago