Best Bug Bounty Roadmap for 2026
☆61Jan 18, 2026Updated last month
Alternatives and similar repositories for Bug-Bounty-Roadmap
Users that are interested in Bug-Bounty-Roadmap are comparing it to the libraries listed below
Sorting:
- Discover Non-Discoverable Bluetooth Classic devices☆13Oct 10, 2024Updated last year
- 🚀 Backend mastery with Node.js — from fundamentals to advanced concepts, including authentication, databases, security, real-world proje…☆20Dec 16, 2025Updated 2 months ago
- All-in-One Safety Evaluation Framwork☆42Updated this week
- Recon for Pentesting and BugBounty 🕵️☆14Jan 14, 2026Updated last month
- Android Dynamic Class Dumper — dump all DEX files from running Android apps using Frida☆39Feb 16, 2026Updated 3 weeks ago
- LLM supported Toolkit for Blue Team/ SOC Operations☆47Jan 10, 2026Updated 2 months ago
- A tool that automates fileless SSH backdoor injection—bypassing CA checks, erasing logs, creating long‑lived (up to 9999 days) passwordle…☆29Jan 30, 2026Updated last month
- Asynchronous scanning library☆21Nov 13, 2014Updated 11 years ago
- Free Windows privilege escalation lab inspired by HTB Devel, built for PNPT and OSCP practice.☆23Jan 13, 2026Updated last month
- ☆39Sep 25, 2025Updated 5 months ago
- AI-VAPT is an autonomous AI-driven Vulnerability Assessment & Penetration Testing framework combining traditional VAPT with neural intell…☆86Oct 7, 2025Updated 5 months ago
- Tool to hack Graphql☆15Oct 17, 2023Updated 2 years ago
- Open source code for Xbomber website community edition.☆40Apr 29, 2024Updated last year
- USRLINKS v1.0 - The Ultimate Username Reconnaissance Tool☆24Oct 6, 2025Updated 5 months ago
- FileFetcher is a Python tool that extracts and filters URLs from archived Wayback Machine data based on file types like .pdf, .zip, .sql,…☆19Jan 16, 2025Updated last year
- A Multilayered AV/EDR Evasion Framework and AV Testing Tool.☆18Jun 28, 2025Updated 8 months ago
- A set of tools and resources for analysis of Havoc C2☆26Feb 27, 2024Updated 2 years ago
- Instead of just adding your name and email, why not create a list of project ideas?☆15Oct 6, 2021Updated 4 years ago
- A curated collection of bug bounty tips, tricks, payloads, and bypass techniques☆32Feb 17, 2026Updated 3 weeks ago
- a powerful tool designed to automate the detection of Server-Side Request Forgery (SSRF) and Open Redirect vulnerabilities☆22Oct 15, 2024Updated last year
- Cheatsheet, Notes, Payloads and Mayhem for Burp Suite Practitioner Exam (BSCP)☆42Jan 31, 2026Updated last month
- A sub-domain enumeration tool☆20May 18, 2020Updated 5 years ago
- CamJacking is a tool designed for use in human penetration testing tool. It is intended to simulate potential security threats by testing…☆30Feb 26, 2026Updated last week
- An Advanced Darkweb OSINT Tool☆24Jun 19, 2025Updated 8 months ago
- LAYER7 BEST FLOODING ( SIMPLE TOOL FOR WRITE PROTECT )☆21Oct 31, 2024Updated last year
- Red Team tools containerized☆76Dec 6, 2025Updated 3 months ago
- Small Script that permits to enumerate folders in Windows Defender Exclusion List with no Administrative privileges☆27Nov 20, 2024Updated last year
- Tool to obtain hash using MS-SNTP for user accounts☆29Jan 22, 2025Updated last year
- A versatile personal finance management tool, ai-finance-pencil combines Django Rest Framework and Next.js to provide an intuitive UI for…☆22Aug 2, 2023Updated 2 years ago
- The source code of [Sec'25] Make Agent Defeat Agent: Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents☆56Sep 9, 2025Updated 6 months ago
- A tool to ingest articles and run Named-Entity Extraction on them☆95Feb 5, 2026Updated last month
- BlacksmithAI is an OPEN-SOURCE advanced penetration testing framework that leverages multiple AI agents to automate security assessments…☆105Updated this week
- Tool to make OSINT to phone numbers with the help of APILayer, using its api together with Number Verification API. 🕵🏽♂️☆73Nov 17, 2024Updated last year
- It’s an OSINT reconnaissance poc powered by Local LLMs (Ollama). You can feed it an email, domain, or IP, and it automatically performs m…☆80Nov 20, 2025Updated 3 months ago
- Wordlists for FFUF☆51May 17, 2025Updated 9 months ago
- Dalvik bytecode emulator for Android static analysis | String decryption | Multi-DEX | No Android runtime required☆85Jan 3, 2026Updated 2 months ago
- A powerful Go tool for finding origin IPs of domains by querying multiple security APIs and validating results with built-in HTTP client.☆43Dec 4, 2025Updated 3 months ago
- Passive Web Vulnerability Detection Tool☆37May 5, 2025Updated 10 months ago
- RingZer0 Writeup.☆29Mar 14, 2019Updated 6 years ago