Tools, data, and contact lists relevant to The disclose.io Project.
☆326Sep 28, 2023Updated 2 years ago
Alternatives and similar repositories for resources
Users that are interested in resources are comparing it to the libraries listed below
Sorting:
- Open-source vulnerability disclosure and bug bounty program database☆1,054Feb 9, 2026Updated last month
- A Go scraper that validates security.txt files and outputs them in the disclose.io JSON format.☆23May 18, 2025Updated 9 months ago
- ☆16Dec 7, 2025Updated 3 months ago
- A community-powered collection of all known bug bounty platforms, vulnerability disclosure platforms, and crowdsourced security platforms…☆870Mar 1, 2026Updated last week
- Dump Lsass Memory Using a Reflective Dll☆14Feb 4, 2022Updated 4 years ago
- A standard allowing organizations to nominate security contact points and policies via DNS TXT records.☆34Jun 4, 2025Updated 9 months ago
- A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.☆30Mar 2, 2022Updated 4 years ago
- Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules☆187Oct 30, 2021Updated 4 years ago
- Find endpoints on GitHub.☆214Mar 28, 2023Updated 2 years ago
- Burp Extension that copies a request and builds a FFUF skeleton☆113Sep 29, 2023Updated 2 years ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.☆6,089Aug 14, 2024Updated last year
- Bug Bounty Recon Script☆18Aug 14, 2020Updated 5 years ago
- Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!☆1,313Updated this week
- This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for …☆3,659Updated this week
- My Tools For Bug Bounty☆69Sep 23, 2024Updated last year
- A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference☆5,557Aug 6, 2023Updated 2 years ago
- Reverse proxies cheatsheet☆1,854Nov 4, 2023Updated 2 years ago
- Generate a dynamic PAC script that will route traffic to your Burp proxy only if it matches the scope defined in your Burp target.☆33Nov 8, 2021Updated 4 years ago
- Run all your bug bounty VPN profiles in parallel and expose them via multiple local SOCKS proxies.☆113Nov 14, 2021Updated 4 years ago
- Pythonize Intruder Payload☆13Dec 15, 2020Updated 5 years ago
- Free Email Providers☆11Aug 15, 2023Updated 2 years ago
- A list of resources for those interested in getting started in bug bounties inspired from https://github.com/nahamsec/Resources-for-Beg…☆169Aug 1, 2020Updated 5 years ago
- ☆154Aug 18, 2023Updated 2 years ago
- Asset inventory of over 800 public bug bounty programs.☆1,520Feb 14, 2025Updated last year
- The Swiss Army knife for automated Web Application Testing☆2,323May 8, 2024Updated last year
- A list of resources for those interested in getting started in bug bounties☆11,884Jul 23, 2024Updated last year
- BBT - Bug Bounty Tools (examples💡)☆1,880Apr 5, 2024Updated last year
- Signatures for wraith used to detect secrets across various sources☆15Jul 8, 2022Updated 3 years ago
- jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()…☆11Apr 9, 2021Updated 4 years ago
- A notification script to help with Recon Stuff☆14Jun 8, 2021Updated 4 years ago
- A rapid API for the Project Sonar dataset☆656May 5, 2023Updated 2 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆956Dec 31, 2021Updated 4 years ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆132Feb 19, 2021Updated 5 years ago
- ☆213Jul 3, 2021Updated 4 years ago
- Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pag…☆529Apr 23, 2025Updated 10 months ago
- Community curated list of public bug bounty and responsible disclosure programs.☆1,283Jan 5, 2026Updated 2 months ago
- A fast DOM based XSS vulnerability scanner with simplicity.☆856Sep 30, 2022Updated 3 years ago
- search Google and extract results directly. skip all the click-through links and other sketchiness☆504Jul 12, 2022Updated 3 years ago
- A free, open-source, multi-lingual, template-based VDP policy, safe harbor clause, securitytxt, and DNS Security TXT generator.☆15May 28, 2025Updated 9 months ago