A comprehensive bug bounty methodology compiled from extensive research, covering web application reconnaissance, checklists, and methods for identifying various bugs. This guide aims to help bug hunters improve their skills in finding, verifying, and responsibly reporting security vulnerabilities.
☆148Nov 11, 2024Updated last year
Alternatives and similar repositories for BugHunterMethodology
Users that are interested in BugHunterMethodology are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆245Jan 20, 2026Updated 4 months ago
- Get acquisitions by scraping titles of crunchbase.☆16Dec 18, 2024Updated last year
- ex-param is an automated tool designed for finding reflected parameters for XSS vulnerabilities. It crawls a target website, extracts GET…☆61Feb 22, 2025Updated last year
- this repo contains some public methodologies which I found from internet (google,telegram,discord,writeups etc..)☆33May 30, 2024Updated 2 years ago
- ☆18Sep 2, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A Python script designed to monitor bug bounty programs for any changes and promptly notify users.☆195Apr 25, 2024Updated 2 years ago
- ☆24Jun 28, 2025Updated 11 months ago
- This repository aims to provide a comprehensive and structured approach to the reconnaissance (recon) phase of bug bounty hunting. The re…☆41Mar 22, 2025Updated last year
- ☆26Apr 8, 2026Updated 2 months ago
- ☆11Apr 29, 2023Updated 3 years ago
- 🔎 Dork Generator☆29Jun 11, 2023Updated 3 years ago
- Gathering All Nuclei Fuzzing Templates in a Single Repo.☆11Apr 23, 2024Updated 2 years ago
- WebApp intentionally made vulnerable to Race Condition for practicing Race Condition☆25Feb 23, 2022Updated 4 years ago
- USRLINKS v1.0 - The Ultimate Username Reconnaissance Tool☆24Oct 6, 2025Updated 8 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- I will share my public tools here and strive to keep them updated in the future. Don't forget to give them a star! Your support is apprec…☆78Feb 4, 2026Updated 4 months ago
- List of Directory Traversal/LFI Payloads Scraped from the Internet☆184Feb 10, 2025Updated last year
- Javascript file change monitoring☆19May 22, 2026Updated 3 weeks ago
- 🌐 Get Some Useful Info From Domain/IP/ASN 🔥☆19Sep 29, 2024Updated last year
- HackTricks Automatic Commands (HAC) is an enumeration platform powered by book.HackTricks.xyz☆23Oct 25, 2021Updated 4 years ago
- Penstaller: A Python tool to automate the installation of essential bug bounty and pentesting tools. With one command, it sets up tools f…☆18Mar 14, 2025Updated last year
- BackupFinder discovers backup files on web servers by generating intelligent patterns.☆107Jul 29, 2025Updated 10 months ago
- Fback is a tool that helps you create target-specific wordlists using a .json pattern.☆64Nov 21, 2025Updated 6 months ago
- ☆53Oct 1, 2025Updated 8 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- ☆122Dec 26, 2023Updated 2 years ago
- ☆189Mar 14, 2026Updated 3 months ago
- TLDFinder is a Python package that identifies valid top-level domains (TLDs) for a list of domains with wildcard characters in the TLD.☆24Jul 2, 2023Updated 2 years ago
- ☆38Jan 17, 2024Updated 2 years ago
- This repo contains Machines and Notes for practicing for EJPTv1/2 exam☆17Aug 24, 2023Updated 2 years ago
- A passive way to find backups/ sensitive information.☆92Jul 10, 2025Updated 11 months ago
- Chrome and Firefox extension that lists Amazon S3 Buckets while browsing☆131Mar 30, 2026Updated 2 months ago
- Hey there! Welcome to my collection of bug bounty and security testing resources. Whether you're just starting out or already deep into y…☆20Apr 8, 2026Updated 2 months ago
- Bug Bounty Methodology 2025: Tools, techniques, and steps to guide you through reconnaissance, enumeration, and testing.☆449May 21, 2025Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- 😁 Easy Regex☆28Apr 9, 2023Updated 3 years ago
- A collaborative hub for Nuclei templates. Contribute, share, and explore powerful vulnerability detection tools!☆49Feb 1, 2025Updated last year
- Python tool to generate crafted JWTs, exploiting the algorithm confusion vulnerability in JWT signature validation. Useful for security …☆25Jun 6, 2026Updated last week
- Extractify extension is a Chrome extension designed for web security testing, enabling users to efficiently extract JavaScript files and …☆30Dec 10, 2024Updated last year
- SubOwner - A Simple tool check for subdomain takeovers.☆118Oct 18, 2024Updated last year
- ☆305Apr 8, 2026Updated 2 months ago
- LazyHunter is an automated reconnaissance tool designed for bug hunters, leveraging Shodan's InternetDB and CVEDB APIs☆236Apr 5, 2025Updated last year