bugcrowd / disclosure-policy

Related projects ⓘ

Alternatives and complementary repositories for disclosure-policy

• shieldfy / waf-detector
  small script to detect web application firewall on any website
  ☆41Updated 7 years ago
• salesforce / AutoTriageBot
  AutoTriageBot automatically verifies, deduplicates, and suggests payouts for incoming HackerOne reports.
  ☆57Updated 2 years ago
• IOActive / RepoSsessed
  A project designed to parse public source code repositories and find various types of vulnerabilities.
  ☆190Updated 7 years ago
• EdOverflow / legal-bug-bounty
  #legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.
  ☆68Updated 4 years ago
• radicallyopensecurity / pentesting-scripts
  Scripts that we use for pentesting
  ☆41Updated 7 years ago
• we45 / ZAP-Mini-Workshop
  Interactive IPython Notebook to demonstrate OWASP ZAP's API and Scripting Functions - OWASP ZAP 2.8.0
  ☆41Updated last year
• michenriksen / searchpass
  A simple tool for offline searching of default credentials for network devices, web applications and more.
  ☆165Updated 7 years ago
• chrisallenlane / drek
  A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a la…
  ☆140Updated 4 months ago
• ReconJSON / ReconJSON
  ReconJSON is a project dedicated to creating a flexible and consistent JSON format across popular recon tools.
  ☆102Updated 5 years ago
• avlidienbrunn / bountydash
  BountyDash is a tool to combine your rewards from all platforms, giving you insights about your progress and bug hunting patterns.
  ☆140Updated last year
• skahwah / automato
  automato should help with automating some of the user-focused enumeration tasks during an internal penetration test.
  ☆72Updated 4 years ago
• michenriksen / bucketlist
  Amazon S3 bucket spelunking!
  ☆84Updated 7 years ago
• portcullislabs / co-ordinated-disclosure-toolkit
  Portcullis Computer Security Co-ordinated Disclosure Toolkit
  ☆24Updated 4 years ago
• PentesterLab / sectalks
  ☆12Updated 7 years ago
• vegabird / xvna
  Extreme Vulnerable Node Application
  ☆93Updated 6 years ago
• secdec / attack-surface-detector-zap
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆61Updated last year
• EdOverflow / h1-cli
  A CLI tool to interact with hackerone.com. This was my submission for HackerOne's Summer 2018 Hack Day.
  ☆36Updated 6 years ago
• pentestgeek / scripts
  A collection of useful scripts for penetration testers
  ☆81Updated 12 years ago
• GoSecure / csp-auditor
  Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
  ☆136Updated 4 years ago
• anilyuk / punydomaincheck
  Puny Domain Name Check
  ☆36Updated 5 years ago
• peterjaric / archaeologit
  Archaeologit scans the history of a user's GitHub repositories for a given pattern to find sensitive things.
  ☆139Updated 6 years ago
• cure53 / public-pentesting-reports
  Curated list of public penetration testing reports released by several consulting firms
  ☆47Updated 6 years ago
• EdOverflow / security-template
  A static website template for security pages.
  ☆50Updated 2 months ago
• DefectDojo / Burp-Plugin
  A Burp plugin to export findings to DefectDojo
  ☆30Updated last year
• DinisCruz / Book_Software_Quality
  Content for 'Measuring Software Quality using Application Security' book published at LeanPub
  ☆38Updated 8 years ago