bugbounty-site / exploits

Related projects: ⓘ

• xyele / hostinjector
  ☆53Updated this week
• Team-Firebugs / Burp-LFI-tests
  Fuzzing for LFI using Burpsuite
  ☆58Updated 7 years ago
• plenumlab / lazyrecon
  This script is intended to automate your reconnaissance process in an organized fashion
  ☆38Updated 5 years ago
• err0rr / SSTI
  ☆38Updated 4 years ago
• ghsec / BBProfiles
  Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that improve an active and passive scanner by yourself. This …
  ☆60Updated 2 years ago
• dreadlocked / SSRFmap
  Simple Server Side Request Forgery services enumeration tool.
  ☆54Updated 6 years ago
• appsecco / practical-recon-levelup0x02
  This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…
  ☆60Updated 5 years ago
• haroonawanofficial / HTTP-Desync-Attack
  ☆27Updated this week
• sailay1996 / offsec_WE
  learning case to prepare OSWE
  ☆38Updated 4 years ago
• crawl3r / PortswiggerXSS
  gathers the XSS cheatsheet payloads and creates a usable wordlist
  ☆70Updated 3 years ago
• MrMax4o4 / Hunting-Tips
  ☆45Updated this week
• ettic-team / EndpointFinder-Burp
  ☆31Updated 5 years ago
• askDing / burpsuite_payloads
  ☆34Updated this week
• maK- / scanomaly-2years
  This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping
  ☆46Updated 4 years ago
• DFC302 / BugBountyTemplate
  A simple Cherry Tree template that can be used to organize bug bounties
  ☆33Updated 5 years ago
• fadyosman / SAMLExtractor
  A tool that can take a URL or list of URL and prints back SAML consume URL.
  ☆36Updated 5 years ago
• theblackturtle / wildcheck
  A simple tool to detect wildcards domain based on Amass's wildcards detector.
  ☆62Updated 3 years ago
• yassineaboukir / CVE-2020-5902
  Proof of concept for CVE-2020-5902
  ☆72Updated 4 years ago
• fellchase / flumberboozle
  Suite of programs meant to aid in bug hunting and security assessments
  ☆75Updated 4 years ago
• cujanovic / subdomain-bruteforce-list
  subdomain bruteforce list
  ☆96Updated 2 years ago
• guilhermesilvame / security
  Collection of scripts to test your website against vulnerabilities.
  ☆18Updated 6 months ago
• arbazkiraak / BurpBLH
  Broken Link Hijacking Burp Extension
  ☆54Updated 5 years ago
• yasinS / bug-bounty-reference
  Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
  ☆36Updated 6 years ago
• tdr130 / assetnote
  Push notifications for passive DNS data
  ☆105Updated 8 years ago
• irsdl / OutlookLeakTest
  The Outlook HTML Leak Test Project
  ☆41Updated 6 years ago
• Leoid / B1tMass
  ☆57Updated this week
• securityidiots / CollabOzark
  CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.
  ☆136Updated 4 years ago
• ZephrFish / BurpFeed
  Hacked together script for feeding urls into Burp's Sitemap
  ☆89Updated last year
• codewatchorg / Burp-AnonymousCloud
  Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities
  ☆41Updated last year
• irsdl / BurpTabEssentials
  This changes the style of Burp Suite's Repeater tabs to help the testers
  ☆28Updated 5 years ago