danilabs/tools-tbhm external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

danilabs/tools-tbhm

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/danilabs/tools-tbhm)

Close

danilabs / tools-tbhmView on GitHubMore

• External links
• Readme badge

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

☆204Aug 11, 2017Updated 8 years ago

Alternatives and similar repositories for tools-tbhm

Users that are interested in tools-tbhm are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• anshumanbh / brutesubs

  View on GitHub
  An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …
  ☆260Aug 22, 2021Updated 4 years ago
• karelorigin / XSS-Problems

  View on GitHub
  ☆34Oct 1, 2019Updated 6 years ago
• gwen001 / actarus

  View on GitHub
  Actarus is a custom tool for bug bounty
  ☆75Nov 14, 2019Updated 6 years ago
• jhaddix / tbhm

  View on GitHub
  The Bug Hunters Methodology
  ☆4,356Aug 1, 2023Updated 2 years ago
• bugbountyforum / XSS-Radar

  View on GitHub
  ☆334Jan 8, 2018Updated 8 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• vulnersCom / burp-vulners-scanner

  View on GitHub
  Vulnerability scanner based on vulners.com search API
  ☆896Oct 1, 2025Updated 8 months ago
• jobertabma / ground-control

  View on GitHub
  A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.
  ☆549Jun 12, 2017Updated 9 years ago
• PortSwigger / backslash-powered-scanner

  View on GitHub
  Finds unknown classes of injection vulnerabilities
  ☆712Apr 30, 2025Updated last year
• xorrior / RemoteRecon

  View on GitHub
  Remote Recon and Collection
  ☆461Nov 23, 2017Updated 8 years ago
• floyd-fuh / burp-HttpFuzzer

  View on GitHub
  Burp plugin to do random fuzzing of HTTP requests
  ☆33Jan 31, 2017Updated 9 years ago
• P3GLEG / PwnBack

  View on GitHub
  Burp Extender plugin that generates a sitemap of a website using Wayback Machine
  ☆228May 8, 2018Updated 8 years ago
• fransr / bountyplz

  View on GitHub
  Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
  ☆462May 10, 2019Updated 7 years ago
• maK- / parameth

  View on GitHub
  This tool can be used to brute discover GET and POST parameters
  ☆1,395Aug 24, 2019Updated 6 years ago
• strozfriedberg / xxe-recursive-download

  View on GitHub
  ☆230Nov 18, 2015Updated 10 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• pathetiq / BurpSmartBuster

  View on GitHub
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆378Oct 12, 2020Updated 5 years ago
• jstnkndy / scripts

  View on GitHub
  Scripts that I've written that others may find useful
  ☆14Aug 17, 2022Updated 3 years ago
• mazen160 / struts-pwn_CVE-2017-9805

  View on GitHub
  An exploit for Apache Struts CVE-2017-9805
  ☆247Nov 7, 2017Updated 8 years ago
• SimplySecurity / simplydomain

  View on GitHub
  Subdomain brute force focused on speed and data serialization
  ☆76Dec 27, 2022Updated 3 years ago
• bugcrowd / HUNT

  View on GitHub
  ☆2,322Updated this week
• jhaddix / domain

  View on GitHub
  Setup script for Regon-ng
  ☆942Nov 17, 2020Updated 5 years ago
• yandex / burp-molly-pack

  View on GitHub
  Security checks pack for Burp Suite
  ☆140Feb 8, 2018Updated 8 years ago
• ajinabraham / WebAppSec

  View on GitHub
  Web Application Security
  ☆131Jan 6, 2026Updated 5 months ago
• t3ntman / Social-Engineering-Payloads

  View on GitHub
  Collection of social engineering payloads
  ☆297Oct 19, 2017Updated 8 years ago
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• EdOverflow / megplus

  View on GitHub
  Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
  ☆306Oct 14, 2018Updated 7 years ago
• gradiuscypher / bounty_tools

  View on GitHub
  Various tools for managing bug bounty recon and exploration.
  ☆48Dec 8, 2022Updated 3 years ago
• VirtueSecurity / aws-extender

  View on GitHub
  AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.
  ☆258Feb 23, 2022Updated 4 years ago
• federicodotta / HandyCollaborator

  View on GitHub
  Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!
  ☆103Jun 1, 2018Updated 8 years ago
• silentsignal / burp-image-size

  View on GitHub
  Image size issues plugin for Burp Suite
  ☆95Jun 27, 2018Updated 7 years ago
• appsecco / bugcrowd-levelup-subdomain-enumeration

  View on GitHub
  This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…
  ☆633Feb 5, 2019Updated 7 years ago
• GrrrDog / ZeroNights-WebVillage-2017

  View on GitHub
  ☆72Nov 20, 2017Updated 8 years ago
• ChrisCooney / fuzz-monkey

  View on GitHub
  Fuzzing tool written in Golang. Insane monkey not included.
  ☆12Feb 22, 2018Updated 8 years ago
• joekir / rwhois

  View on GitHub
  Reverse whois query tool
  ☆11Jul 28, 2016Updated 9 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• nccgroup / Decoder-Improved

  View on GitHub
  Improved decoder for Burp Suite
  ☆139Aug 30, 2021Updated 4 years ago
• jobertabma / recon.sh

  View on GitHub
  A toolset to track and organize output of reconnaissance tools
  ☆347Jan 3, 2018Updated 8 years ago
• cujanovic / SSRF-Testing

  View on GitHub
  SSRF (Server Side Request Forgery) testing resources
  ☆2,498Oct 12, 2024Updated last year
• EdOverflow / bugbountyguide

  View on GitHub
  Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
  ☆475Nov 10, 2022Updated 3 years ago
• 4ARMED / terraform-burp-collaborator

  View on GitHub
  Terraform configuration to build a Burp Private Collaborator Server
  ☆25Nov 7, 2017Updated 8 years ago
• TypeError / domained

  View on GitHub
  Multi Tool Subdomain Enumeration
  ☆723Apr 11, 2021Updated 5 years ago
• akampjes / p0rk-crackling

  View on GitHub
  Distributed password cracker for operating over high latency networks of loosely coupled hosts.
  ☆13Jul 30, 2013Updated 12 years ago