dawgyg / bugbounty_toolsView external linksLinks
Collection of scripts and tools used during bug bounty work. This will be the location of my automation scripts created for my own personal use, and occassionally public released
☆130Dec 18, 2025Updated last month
Alternatives and similar repositories for bugbounty_tools
Users that are interested in bugbounty_tools are comparing it to the libraries listed below
Sorting:
- ☆14Feb 7, 2024Updated 2 years ago
- Bypass Reset Password Code Lead to Account Takeover☆26Sep 16, 2024Updated last year
- ☆52Oct 1, 2025Updated 4 months ago
- A standalone Blind XSS Script.☆48Aug 15, 2025Updated 5 months ago
- A comprehensive bug bounty methodology compiled from extensive research, covering web application reconnaissance, checklists, and methods…☆116Nov 11, 2024Updated last year
- Tools related to RFC 9116 (security.txt)☆25Feb 11, 2025Updated last year
- Python script implementing the favicon hash trick to find subdomains.☆38Mar 28, 2023Updated 2 years ago
- IDOR Scanner is a Burp Suite extension that automates the detection and enumeration of potentially vulnerable numeric fields to identify …☆43Feb 24, 2025Updated 11 months ago
- ex-param is an automated tool designed for finding reflected parameters for XSS vulnerabilities. It crawls a target website, extracts GET…☆63Feb 22, 2025Updated 11 months ago
- Analyze an APK archive.☆28Feb 24, 2024Updated last year
- ☆42Oct 28, 2021Updated 4 years ago
- PoC for leaking text nodes via CSS injection☆25Jul 27, 2024Updated last year
- TLDFinder is a Python package that identifies valid top-level domains (TLDs) for a list of domains with wildcard characters in the TLD.☆24Jul 2, 2023Updated 2 years ago
- A tool to guess the rest of the shortnames provided by vulnerable IIS instances.☆42Aug 12, 2023Updated 2 years ago
- Basic Bash Script to scrape all subdomains from crtsh in a single run☆19May 23, 2022Updated 3 years ago
- ☆29Feb 4, 2026Updated last week
- ☆38May 4, 2025Updated 9 months ago
- Gampung tools for find nuclei template from github☆12Sep 6, 2023Updated 2 years ago
- 一个用于修改右键插件菜单层级的Burpsuite插件。A simple BurpSuite extension to change extension context menu level.☆14Jan 15, 2024Updated 2 years ago
- Alternative to XSS Hunter for blind XSS.☆51Dec 8, 2022Updated 3 years ago
- A modified version of TomNomNom's anew, allowing for multiple files to be defined as parameters.☆13Jun 17, 2023Updated 2 years ago
- This python based tool can be used to discover API keys, access tokens, and other sensitive data in JavaScript files. It can scan JavaScr…☆14Oct 18, 2024Updated last year
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Dec 13, 2025Updated 2 months ago
- ☆18Nov 2, 2024Updated last year
- Scan websites for exposed Supabase JWTs, enumerate accessible tables, and detect sensitive data exposure automatically.☆116Dec 29, 2025Updated last month
- A tool to migrate Burpsuite HTTP history to Caido☆35Apr 25, 2025Updated 9 months ago
- List of Fresh DNS resolvers updates every 1 hour☆17Updated this week
- A collection of in-depth studies authored by me on JavaScript engine vulnerabilities.☆41Feb 6, 2026Updated last week
- Crawlex is a powerful Chrome extension designed to assist bug bounty hunters in their work by enabling easy crawling of all possible URLs…☆12May 28, 2023Updated 2 years ago
- Application for logging HTTP and DNS Requests☆15May 14, 2021Updated 4 years ago
- This repo collects nuclei template from 600+ github repos, updates every 6 hours.☆34Jan 25, 2026Updated 2 weeks ago
- Enumerate old versions of robots.txt paths using Wayback Machine for content discovery☆57Sep 21, 2023Updated 2 years ago
- ParamScan is a chrome extension for finding reflected parameters in a webpage.☆92Jan 11, 2025Updated last year
- ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be …☆60May 10, 2022Updated 3 years ago
- BetterBugBounty - Here tools are classic, bugs are hunted, and nostalgia is the ultimate weapon!☆29Feb 10, 2024Updated 2 years ago
- Nuclei templates to run on urls☆17Sep 14, 2023Updated 2 years ago
- CVE-2025-4123 - Grafana Tool☆30Jun 4, 2025Updated 8 months ago
- Javascript file change monitoring☆17Nov 11, 2025Updated 3 months ago
- Paramix is a command-line tool for modifying the parameters of a list of URLs from stdin and returns them in stdout.☆17Aug 23, 2024Updated last year