brosck / BugBountyTricks
γπγBug Bounty Tricks
β38Updated last year
Alternatives and similar repositories for BugBountyTricks:
Users that are interested in BugBountyTricks are comparing it to the libraries listed below
- This tool allows you to find ssti vulnerability with ease!β20Updated 2 years ago
- ParamFirstCheck identifies in a list of urls those containing a parameter of the top 25 of the most vulnerable parameters for SQLi, LFI, β¦β35Updated last year
- The fastest way to setup XSSHunter. It has options for the official and Discord/Slack Forksβ42Updated last year
- β68Updated 2 years ago
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.β44Updated last year
- Script that download 37+ open source nuclei templatesβ43Updated 2 years ago
- JaelesFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applicationsβ15Updated 11 months ago
- XSS Finder Via SSTIβ54Updated last year
- ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be ��β¦β58Updated 2 years ago
- β44Updated last year
- Check if domain has bug bounty program or notβ27Updated last year
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to β¦β49Updated 2 years ago
- Process URLs and remove duplicate query parameters.β28Updated last year
- xsschecker tool checking reflected endpoints finding possible xss vulnerable endpoints.β21Updated 5 months ago
- JsValidator is a tool created for validating the JS files after crawlling it from waybackurlsβ19Updated 2 years ago
- A simple automation tool to detect lfi, rce and ssti vulnerabilityβ55Updated 3 years ago
- This repository contains proof of concept for zero days and CVEs that were found by Omar Hashem through Security Researchβ44Updated 2 years ago
- I collected it to help the bug hunter get a rewardβ58Updated 2 years ago
- Tool for testing reflections in the HTTP responsesβ60Updated last year
- Hidden input parameters finderβ17Updated last year
- This Python script automates the process of identifying vulnerabilities in Firebase configurations extracted from APK files.β31Updated 2 weeks ago
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HEβ53Updated 5 months ago
- This script is used to search for cloud certificate entities such as Amazon, Azure, and others that have been extracted by the kaeferjaegβ¦β42Updated 4 months ago
- Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.β50Updated 3 years ago
- A Complete SSRF (Server Side Request Forgery) Scanner.β33Updated 2 months ago
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.β43Updated 4 years ago
- Host Header Vulnerability Scanner Automated Toolβ22Updated last year
- 400 plus rules available. scan4secrets is a lightweight source code scanner that detects hardcoded secrets, API keys, credentials, and sβ¦β17Updated this week
- The (WordPress) website test script can be exploited for Unlimited File Upload via CVE-2020-35489β30Updated last year
- Advanced Tool To Scan And Exploit Local File Inclusion (LFI) Vulnerabilitiesβ31Updated last year