🐛 A list of writeups from the MSRC (Microsoft) Bug Bounty program
☆31Oct 29, 2025Updated 5 months ago
Alternatives and similar repositories for awesome-msrc-writeups
Users that are interested in awesome-msrc-writeups are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Android webviews and securiy☆23Sep 18, 2025Updated 6 months ago
- JSSCM detects expired domains for Stored XSS exploitation during browsing.☆58Apr 3, 2025Updated last year
- PoC List☆10Sep 4, 2022Updated 3 years ago
- ☆36Jan 8, 2026Updated 3 months ago
- PostScript examples useful for attacking Ghostscript.☆12Aug 1, 2024Updated last year
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- Keep track of changes in website with WEBSY☆35May 22, 2023Updated 2 years ago
- ☆62Nov 4, 2025Updated 5 months ago
- BetterBugBounty - Here tools are classic, bugs are hunted, and nostalgia is the ultimate weapon!☆30Feb 10, 2024Updated 2 years ago
- Independent file type identification python library☆12Mar 16, 2023Updated 3 years ago
- 申明:仅供教学演示,禁用非法、未授权等进行钓鱼,后果自负。☆12May 21, 2024Updated last year
- Automatic Enumeration is a command line utility that automatically tries to collect and retrieve various pieces of information from a tar…☆15Apr 21, 2025Updated 11 months ago
- ☆39Feb 27, 2026Updated last month
- InfiniteWP Client < 1.9.4.5 - Authentication Bypass☆21Jul 28, 2021Updated 4 years ago
- ☆35Aug 5, 2025Updated 8 months ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- ☆49Jul 8, 2025Updated 9 months ago
- This repo contains code for the parser to extract data from .tm7 and .tb7 files. The project can by consumed as a NuGet package that pars…☆16Jun 15, 2023Updated 2 years ago
- OSS存储桶的漏洞扫描工具,目前支持阿里云、腾讯云、华为云、aws☆64Nov 5, 2025Updated 5 months ago
- If you found this, you are among the truly lucky, to be given providence to my curated and often custom wordlists. Enjoy, buddy, you've …☆62Jun 20, 2025Updated 9 months ago
- Script to automate bypassing 403 forbidden status code☆24Jun 18, 2025Updated 9 months ago
- 利用Gemini分析前端js文件中的安全漏洞☆39Jun 30, 2025Updated 9 months ago
- PoC for XSS in org.webjars:swagger-ui [3.14.2, 3.36.2]☆51Feb 17, 2023Updated 3 years ago
- Active monitoring bug bounty programs tool☆49Jan 21, 2026Updated 2 months ago
- ☆38Aug 12, 2020Updated 5 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- JAW: A Graph-based Security Analysis Framework for Client-side JavaScript☆119Feb 13, 2026Updated 2 months ago
- ☆15Mar 10, 2025Updated last year
- Laravel Debug mode RCE漏洞(CVE-2021-3129)poc / exp☆13Mar 4, 2023Updated 3 years ago
- PHP Phishing Framework☆28Dec 28, 2013Updated 12 years ago
- ☆24Apr 10, 2023Updated 3 years ago
- A fancier postMessage tracker with Chrome Manifest version V3 support and a few additional features, inspired by Frans Rosens postmessage…☆123Sep 12, 2025Updated 7 months ago
- Standardised setup for researching WordPress plugin- and theme vulnerabilities.☆31Mar 17, 2026Updated 3 weeks ago
- Blank methodology sheet for the OSWE exam☆13Dec 17, 2021Updated 4 years ago
- Caido's passive workflow to find potential leaked secrets, PII, and sensitive fields.☆26Jan 13, 2025Updated last year
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆151Mar 30, 2026Updated last week
- uforall is a fast url crawler this tool crawl all URLs number of different sources, alienvault,WayBackMachine,urlscan,commoncrawl☆52Nov 3, 2025Updated 5 months ago
- A Lightning-Fast DNS Resolver written in Rust 🦀☆69Nov 19, 2024Updated last year
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…☆49Dec 2, 2017Updated 8 years ago
- Web Application Attack☆14Dec 16, 2019Updated 6 years ago
- 一些关于ISCC平台的实用脚本☆10Jun 2, 2024Updated last year
- Javascript file change monitoring☆17Mar 13, 2026Updated last month