Hey there! Welcome to my collection of bug bounty and security testing resources. Whether you're just starting out or already deep into your security journey, you'll find tools, notes, and scripts here that I've gathered and created along the way.
β11Dec 25, 2025Updated 2 months ago
Alternatives and similar repositories for bugbounty
Users that are interested in bugbounty are comparing it to the libraries listed below
Sorting:
- Recon for Pentesting and BugBounty π΅οΈβ14Jan 14, 2026Updated last month
- β20Feb 3, 2026Updated last month
- Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokensβ¦β36Dec 8, 2023Updated 2 years ago
- β24Jan 31, 2024Updated 2 years ago
- At this repo you can find any tools, tricks or templates for general penetration testing assesmentβ15Apr 27, 2024Updated last year
- β15Mar 21, 2025Updated 11 months ago
- c4mund0n60 is a tool that use output of known tools for generate smart information about a domainβ11Sep 20, 2023Updated 2 years ago
- β10Feb 28, 2023Updated 3 years ago
- The Ultimate Recon Frameworkβ11Mar 29, 2024Updated last year
- Config files for my GitHub profile.β11Updated this week
- Scripts I have made for blue teamβ16Apr 1, 2018Updated 7 years ago
- Collection of my CTF Writeups, mostly Indonesian CTFsβ13Jan 15, 2024Updated 2 years ago
- Exploring hands-on Cybersecurity techniques with a comprehensive repository covering offensive and defensive tools for home-lab environmeβ¦β20Mar 27, 2024Updated last year
- This script searches NVD's website for new CVES, alerting you by email or telegram. You can configure a list of products that interest yoβ¦β11Mar 21, 2021Updated 4 years ago
- β13Jun 26, 2025Updated 8 months ago
- A script to build a Docker image for a DNN Platform websiteβ10Feb 8, 2018Updated 8 years ago
- A script written in python3 to spread blind cross-site scripting payloads on HTTP requests headersβ10Oct 2, 2022Updated 3 years ago
- this repository is a base so everyone can modify it according to there thoughts and process usedβ10Jun 9, 2021Updated 4 years ago
- Credax - Fuzzing Tool with Slack Notifications. Also removes false positive responses.β10Oct 14, 2021Updated 4 years ago
- β16Sep 6, 2017Updated 8 years ago
- β12Feb 20, 2025Updated last year
- RootMe Challenges Writeupsβ12Jun 1, 2019Updated 6 years ago
- β21Dec 4, 2014Updated 11 years ago
- a recon framework that facilitates discovering, scanning and monitoring assets trough a configurable engine running on serverless aws infβ¦β12Aug 26, 2024Updated last year
- Welcome to the Very Vulnerable Lambda Application repository! This repository contains an intentionally vulnerable serverless applicatioβ¦β11Jul 22, 2024Updated last year
- β16Updated this week
- A vulnerable Cognito application is a simple web app that can be used to practice various Cognito attacks.β12Jul 13, 2022Updated 3 years ago
- β11Jan 24, 2023Updated 3 years ago
- Collection of all the resources published by Payatu.β11Aug 11, 2025Updated 6 months ago
- Filter URLs that match your scope file for bugbounty.β11May 23, 2023Updated 2 years ago
- Collection of rules for Static Application Security Testing (SAST) with Semgrepβ12Apr 16, 2025Updated 10 months ago
- β15Apr 10, 2025Updated 10 months ago
- simple tool for finding javascript files from webappsβ10Apr 20, 2023Updated 2 years ago
- Collection of tools, scripts, one-liners, templates, dorks and moreβ12Dec 13, 2025Updated 2 months ago
- Pimp my Kali but for lazy AFKersβ12Jun 18, 2023Updated 2 years ago
- A small pentesting lab for Azureβ10Apr 19, 2019Updated 6 years ago
- my n00b notes on web_studyβ16May 29, 2025Updated 9 months ago
- Exploring fundamentals of the Web including HTML, CSS and JavaScriptβ14Jul 31, 2021Updated 4 years ago
- Bug Bounty tool to automate the recon process.β12Oct 4, 2023Updated 2 years ago