danilabs/tools-tbhm external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

danilabs/tools-tbhm

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/danilabs/tools-tbhm)

Close

danilabs / tools-tbhmView on GitHubMore

• External links
• Readme badge

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

☆201Aug 11, 2017Updated 8 years ago

Alternatives and similar repositories for tools-tbhm

Users that are interested in tools-tbhm are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• anshumanbh / brutesubs

  View on GitHub
  An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …
  ☆260Aug 22, 2021Updated 4 years ago
• karelorigin / XSS-Problems

  View on GitHub
  ☆34Oct 1, 2019Updated 6 years ago
• gwen001 / actarus

  View on GitHub
  Actarus is a custom tool for bug bounty
  ☆77Nov 14, 2019Updated 6 years ago
• jhaddix / tbhm

  View on GitHub
  The Bug Hunters Methodology
  ☆4,265Aug 1, 2023Updated 2 years ago
• bugbountyforum / XSS-Radar

  View on GitHub
  ☆332Jan 8, 2018Updated 8 years ago
• NordVPN Threat Protection Pro™ • Ad
  Take your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
• vulnersCom / burp-vulners-scanner

  View on GitHub
  Vulnerability scanner based on vulners.com search API
  ☆887Oct 1, 2025Updated 5 months ago
• jobertabma / ground-control

  View on GitHub
  A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.
  ☆549Jun 12, 2017Updated 8 years ago
• PortSwigger / backslash-powered-scanner

  View on GitHub
  Finds unknown classes of injection vulnerabilities
  ☆709Apr 30, 2025Updated 10 months ago
• floyd-fuh / burp-HttpFuzzer

  View on GitHub
  Burp plugin to do random fuzzing of HTTP requests
  ☆33Jan 31, 2017Updated 9 years ago
• xorrior / RemoteRecon

  View on GitHub
  Remote Recon and Collection
  ☆460Nov 23, 2017Updated 8 years ago
• P3GLEG / PwnBack

  View on GitHub
  Burp Extender plugin that generates a sitemap of a website using Wayback Machine
  ☆227May 8, 2018Updated 7 years ago
• fransr / bountyplz

  View on GitHub
  Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
  ☆458May 10, 2019Updated 6 years ago
• maK- / parameth

  View on GitHub
  This tool can be used to brute discover GET and POST parameters
  ☆1,396Aug 24, 2019Updated 6 years ago
• strozfriedberg / xxe-recursive-download

  View on GitHub
  ☆231Nov 18, 2015Updated 10 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• pathetiq / BurpSmartBuster

  View on GitHub
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆378Oct 12, 2020Updated 5 years ago
• jstnkndy / scripts

  View on GitHub
  Scripts that I've written that others may find useful
  ☆14Aug 17, 2022Updated 3 years ago
• mazen160 / struts-pwn_CVE-2017-9805

  View on GitHub
  An exploit for Apache Struts CVE-2017-9805
  ☆247Nov 7, 2017Updated 8 years ago
• SimplySecurity / simplydomain

  View on GitHub
  Subdomain brute force focused on speed and data serialization
  ☆75Dec 27, 2022Updated 3 years ago
• bugcrowd / HUNT

  View on GitHub
  ☆2,321Dec 8, 2023Updated 2 years ago
• jhaddix / domain

  View on GitHub
  Setup script for Regon-ng
  ☆939Nov 17, 2020Updated 5 years ago
• yandex / burp-molly-pack

  View on GitHub
  Security checks pack for Burp Suite
  ☆140Feb 8, 2018Updated 8 years ago
• ajinabraham / WebAppSec

  View on GitHub
  Web Application Security
  ☆131Jan 6, 2026Updated 2 months ago
• t3ntman / Social-Engineering-Payloads

  View on GitHub
  Collection of social engineering payloads
  ☆300Oct 19, 2017Updated 8 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• EdOverflow / megplus

  View on GitHub
  Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
  ☆305Oct 14, 2018Updated 7 years ago
• gradiuscypher / bounty_tools

  View on GitHub
  Various tools for managing bug bounty recon and exploration.
  ☆48Dec 8, 2022Updated 3 years ago
• VirtueSecurity / aws-extender

  View on GitHub
  AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.
  ☆256Feb 23, 2022Updated 4 years ago
• federicodotta / HandyCollaborator

  View on GitHub
  Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!
  ☆104Jun 1, 2018Updated 7 years ago
• silentsignal / burp-image-size

  View on GitHub
  Image size issues plugin for Burp Suite
  ☆95Jun 27, 2018Updated 7 years ago
• appsecco / bugcrowd-levelup-subdomain-enumeration

  View on GitHub
  This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…
  ☆628Feb 5, 2019Updated 7 years ago
• GrrrDog / ZeroNights-WebVillage-2017

  View on GitHub
  ☆72Nov 20, 2017Updated 8 years ago
• ChrisCooney / fuzz-monkey

  View on GitHub
  Fuzzing tool written in Golang. Insane monkey not included.
  ☆12Feb 22, 2018Updated 8 years ago
• joekir / rwhois

  View on GitHub
  Reverse whois query tool
  ☆11Jul 28, 2016Updated 9 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• nccgroup / Decoder-Improved

  View on GitHub
  Improved decoder for Burp Suite
  ☆138Aug 30, 2021Updated 4 years ago
• jobertabma / recon.sh

  View on GitHub
  A toolset to track and organize output of reconnaissance tools
  ☆349Jan 3, 2018Updated 8 years ago
• cujanovic / SSRF-Testing

  View on GitHub
  SSRF (Server Side Request Forgery) testing resources
  ☆2,482Oct 12, 2024Updated last year
• EdOverflow / bugbountyguide

  View on GitHub
  Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
  ☆472Nov 10, 2022Updated 3 years ago
• 4ARMED / terraform-burp-collaborator

  View on GitHub
  Terraform configuration to build a Burp Private Collaborator Server
  ☆25Nov 7, 2017Updated 8 years ago
• TypeError / domained

  View on GitHub
  Multi Tool Subdomain Enumeration
  ☆723Apr 11, 2021Updated 4 years ago
• infosec-au / webappsec-toolkit

  View on GitHub
  Web Application Security related tools. Includes backdoors, proof of concepts and tricks
  ☆37Oct 21, 2014Updated 11 years ago