devanshbatham/Awesome-Bugbounty-Writeups external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

devanshbatham/Awesome-Bugbounty-Writeups

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/devanshbatham/Awesome-Bugbounty-Writeups)

Close

devanshbatham / Awesome-Bugbounty-WriteupsView on GitHubMore

• External links
• Readme badge

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

☆5,551Aug 6, 2023Updated 2 years ago

Alternatives and similar repositories for Awesome-Bugbounty-Writeups

Users that are interested in Awesome-Bugbounty-Writeups are comparing it to the libraries listed below

• KathanP19 / HowToHunt

  View on GitHub
  Collection of methodology and test case for various web vulnerabilities.
  ☆7,039Jun 25, 2025Updated 8 months ago
• nahamsec / Resources-for-Beginner-Bug-Bounty-Hunters

  View on GitHub
  A list of resources for those interested in getting started in bug bounties
  ☆11,867Jul 23, 2024Updated last year
• daffainfo / AllAboutBugBounty

  View on GitHub
  All about bug bounty (bypasses, payloads, and etc)
  ☆6,658Sep 8, 2023Updated 2 years ago
• EdOverflow / bugbounty-cheatsheet

  View on GitHub
  A list of interesting payloads, tips and tricks for bug bounty hunters.
  ☆6,382Sep 14, 2023Updated 2 years ago
• ngalongc / bug-bounty-reference

  View on GitHub
  Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
  ☆4,073Jul 31, 2024Updated last year
• KingOfBugbounty / KingOfBugBountyTips

  View on GitHub
  Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens…
  ☆5,223Jan 31, 2026Updated last month
• dwisiswant0 / awesome-oneliner-bugbounty

  View on GitHub
  A collection of awesome one-liner scripts especially for bug bounty tips.
  ☆3,077Jul 29, 2024Updated last year
• reddelexc / hackerone-reports

  View on GitHub
  Top disclosed reports from HackerOne
  ☆5,358Updated this week
• vavkamil / awesome-bugbounty-tools

  View on GitHub
  A curated list of various bug bounty tools
  ☆5,817Feb 9, 2026Updated 3 weeks ago
• djadmin / awesome-bug-bounty

  View on GitHub
  A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
  ☆5,451Jan 15, 2024Updated 2 years ago
• streaak / keyhacks

  View on GitHub
  Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
  ☆6,082Aug 14, 2024Updated last year
• HolyBugx / HolyTips

  View on GitHub
  A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
  ☆1,977Sep 5, 2021Updated 4 years ago
• imran-parray / Mind-Maps

  View on GitHub
  Mind-Maps of Several Things
  ☆2,625Jun 29, 2023Updated 2 years ago
• harsh-bothra / learn365

  View on GitHub
  This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
  ☆1,692Jun 20, 2022Updated 3 years ago
• sushiwushi / bug-bounty-dorks

  View on GitHub
  List of Google Dorks for sites that have responsible disclosure program / bug bounty program
  ☆1,884Dec 8, 2025Updated 2 months ago
• m4ll0k / BBTz

  View on GitHub
  BBT - Bug Bounty Tools (examples💡)
  ☆1,883Apr 5, 2024Updated last year
• arkadiyt / bounty-targets-data

  View on GitHub
  This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for …
  ☆3,659Updated this week
• six2dez / reconftw

  View on GitHub
  reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findin…
  ☆7,280Updated this week
• 1ndianl33t / Bug-Bounty-Roadmaps

  View on GitHub
  Bug Bounty Roadmaps
  ☆1,716Jun 12, 2021Updated 4 years ago
• devanshbatham / ParamSpider

  View on GitHub
  Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
  ☆3,012Jun 24, 2024Updated last year
• EdOverflow / can-i-take-over-xyz

  View on GitHub
  "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
  ☆5,572Feb 8, 2025Updated last year
• lc / gau

  View on GitHub
  Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
  ☆4,842Jan 1, 2025Updated last year
• swisskyrepo / PayloadsAllTheThings

  View on GitHub
  A list of useful payloads and bypass for Web Application Security and Pentest/CTF
  ☆75,690Updated this week
• sehno / Bug-bounty

  View on GitHub
  Ressources for bug bounty hunting
  ☆1,907Dec 1, 2022Updated 3 years ago
• 0xmaximus / Galaxy-Bugbounty-Checklist

  View on GitHub
  Tips and Tutorials for Bug Bounty and also Penetration Tests.
  ☆1,707Oct 7, 2025Updated 4 months ago
• hahwul / dalfox

  View on GitHub
  🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
  ☆4,859Feb 28, 2026Updated last week
• jhaddix / tbhm

  View on GitHub
  The Bug Hunters Methodology
  ☆4,260Aug 1, 2023Updated 2 years ago
• Karanxa / Bug-Bounty-Wordlists

  View on GitHub
  A repository that includes all the important wordlists used while bug hunting.
  ☆1,379Mar 11, 2023Updated 2 years ago
• Az0x7 / vulnerability-Checklist

  View on GitHub
  This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
  ☆3,266Feb 10, 2024Updated 2 years ago
• six2dez / OneListForAll

  View on GitHub
  Rockyou for web fuzzing
  ☆3,028Feb 11, 2026Updated 3 weeks ago
• s0md3v / Arjun

  View on GitHub
  HTTP parameter discovery suite.
  ☆6,109Feb 20, 2025Updated last year
• inonshk / 31-days-of-API-Security-Tips

  View on GitHub
  This challenge is Inon Shkedy's 31 days API Security Tips.
  ☆2,231Apr 20, 2022Updated 3 years ago
• hahwul / WebHackersWeapons

  View on GitHub
  ⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
  ☆4,532Feb 15, 2026Updated 2 weeks ago
• GerbenJavado / LinkFinder

  View on GitHub
  A python script that finds endpoints in JavaScript files
  ☆4,294Apr 13, 2024Updated last year
• xdavidhu / awesome-google-vrp-writeups

  View on GitHub
  🐛 A list of writeups from the Google VRP Bug Bounty program
  ☆1,452Feb 7, 2026Updated 3 weeks ago
• lutfumertceylan / top25-parameter

  View on GitHub
  For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
  ☆1,820Jun 9, 2024Updated last year
• kleiton0x00 / Advanced-SQL-Injection-Cheatsheet

  View on GitHub
  A cheat sheet that contains advanced queries for SQL Injection of all types.
  ☆3,154May 13, 2023Updated 2 years ago
• s0md3v / AwesomeXSS

  View on GitHub
  Awesome XSS stuff
  ☆5,066Oct 30, 2024Updated last year
• KathanP19 / JSFScan.sh

  View on GitHub
  Automation for javascript recon in bug bounty.
  ☆1,069Sep 9, 2023Updated 2 years ago