alpernae / bugbounty
Hello, fellow bug bounty hunters! This repository is a collection of my personal bug bounty and security researching resources, scripts, and notes. My goal is to share useful information and tools that have helped me in my own journey, with the hope that they can do the same for you.
☆9Updated 3 months ago
Alternatives and similar repositories for bugbounty:
Users that are interested in bugbounty are comparing it to the libraries listed below
- ☆36Updated 3 months ago
- Python for AWAE (Advanced Web Attacks and Exploitation)☆94Updated last year
- A collection of slides and presentations from BSides Ahmedabad 2024, held on October 12th and 13th. This repository features key insights…☆37Updated 6 months ago
- ☆20Updated 6 months ago
- ☆69Updated 7 months ago
- ☆102Updated 2 years ago
- Cross-Site Scripting (XSS) injects malicious scripts into trusted websites via user input. Attacker-sent scripts run in users' browsers, …☆41Updated last year
- ☆41Updated last year
- Automate Recon XSS Bug Bounty☆158Updated this week
- Web Application Penetration Testing☆109Updated this week
- A passive way to find backups/ sensitive information.☆77Updated last week
- 𝗥𝗮𝗱𝗵𝗲 is a tool that automatically enumerates subdomains, checks if they are live, and finds "Unauthenticated cache purge" and "Serv…☆6Updated last year
- IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applicatio…☆98Updated last month
- ☆128Updated last month
- Welcome SecToolkit repository! This is a comprehensive collection of cybersecurity and bug bounty hunting topics. Here, you'll find a var…☆38Updated this week
- 🪄 XSSDynaGen is a tool designed to analyze URLs with parameters, identify the characters allowed by the server, and generate advanced XS…☆51Updated 4 months ago
- AutoRecon-XSS is a script designed for automated reconnaissance of XSS vulnerabilities. It crawls the target URL or alive domains, extrac…☆133Updated last year
- A curated list of Android Security materials and resources For Pentesters and Bug Hunters☆13Updated 4 years ago
- 403Bypasser is a simple plugin that lets you bypass 403 status code by transforming HTTP requests with custom templates.☆65Updated last month
- A Bash script for automated nuclei dast scanning by using passive urls☆74Updated 2 months ago
- A collection of solutions for every PortSwigger Academy Lab (in progress)☆95Updated 3 years ago
- SubOwner - A Simple tool check for subdomain takeovers.☆112Updated 6 months ago
- GoogleDorker - Unleash the power of Google dorking for ethical hackers with custom search precision.☆179Updated 4 months ago
- Organize, track, and share vulnerability findings effortlessly. This Burp Suite extension integrates with Obsidian, offering a proven not…☆29Updated last month
- Collection of some pentesting and bugbounty resources☆43Updated 3 years ago
- ☆162Updated 6 months ago
- Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens…☆28Updated last year
- ☆24Updated last month
- Bash Scripting Cheatsheet for pen-testing!☆30Updated last year
- This repository contains a curated list of websites and repositories featuring pentest & red-team resources such as cheatsheets, write-up…☆61Updated 4 months ago