Tools, data, and contact lists relevant to The disclose.io Project.
☆326Mar 20, 2026Updated last month
Alternatives and similar repositories for resources
Users that are interested in resources are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Open-source vulnerability disclosure and bug bounty program database☆1,061Apr 23, 2026Updated 2 weeks ago
- The current website at https://disclose.io.☆19Updated this week
- A Go scraper that validates security.txt files and outputs them in the disclose.io JSON format.☆23Apr 18, 2026Updated 2 weeks ago
- Open-source vulnerability disclosure policy templates.☆69Apr 18, 2026Updated 2 weeks ago
- Misc bounty and vulndisc things☆86Jan 4, 2021Updated 5 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A standard allowing organizations to nominate security contact points and policies via DNS TXT records.☆34Mar 20, 2026Updated last month
- A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference☆5,771Aug 6, 2023Updated 2 years ago
- Bug Bounty Recon Script☆18Aug 14, 2020Updated 5 years ago
- A community-powered collection of all known bug bounty platforms, vulnerability disclosure platforms, and crowdsourced security platforms…☆971Apr 24, 2026Updated last week
- Collection of legal threats against good faith Security Researchers; vulnerability disclosure gone wrong. A continuation of work started …☆322Updated this week
- A list of resources for those interested in getting started in bug bounties☆11,985Jul 23, 2024Updated last year
- A small script for my recon during bug hunting. Needs some modifications☆17Mar 5, 2020Updated 6 years ago
- A list of resources for those interested in getting started in bug bounties inspired from https://github.com/nahamsec/Resources-for-Beg…☆170Aug 1, 2020Updated 5 years ago
- A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.☆30Mar 2, 2022Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Burp Extension that copies a request and builds a FFUF skeleton☆113Sep 29, 2023Updated 2 years ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.☆6,197Aug 14, 2024Updated last year
- jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()…☆11Apr 9, 2021Updated 5 years ago
- Pythonize Intruder Payload☆13Dec 15, 2020Updated 5 years ago
- Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!☆1,371Apr 23, 2026Updated last week
- ☆209Jul 3, 2021Updated 4 years ago
- Reverse proxies cheatsheet☆1,863Nov 4, 2023Updated 2 years ago
- Query various sources for CVE proof-of-concepts☆53Jun 1, 2023Updated 2 years ago
- Find endpoints on GitHub.☆220Mar 28, 2023Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules☆186Oct 30, 2021Updated 4 years ago
- A free, open-source, multi-lingual, template-based VDP policy, safe harbor clause, securitytxt, and DNS Security TXT generator.☆16Apr 17, 2026Updated 2 weeks ago
- This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for …☆3,721Updated this week
- My Tools For Bug Bounty☆70Sep 23, 2024Updated last year
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆132Feb 19, 2021Updated 5 years ago
- A curated list of amazingly awesome OSINT☆19Oct 7, 2025Updated 6 months ago
- Generate a dynamic PAC script that will route traffic to your Burp proxy only if it matches the scope defined in your Burp target.☆33Nov 8, 2021Updated 4 years ago
- ☆16Dec 7, 2025Updated 5 months ago
- Service-Now Article Bruteforcer☆16Jun 5, 2020Updated 5 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Dump Lsass Memory Using a Reflective Dll☆14Feb 4, 2022Updated 4 years ago
- Run all your bug bounty VPN profiles in parallel and expose them via multiple local SOCKS proxies.☆113Nov 14, 2021Updated 4 years ago
- Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pag…☆528Apr 23, 2025Updated last year
- Community curated list of public bug bounty and responsible disclosure programs.☆1,295Apr 27, 2026Updated last week
- Asset inventory of over 800 public bug bounty programs.☆1,543Feb 14, 2025Updated last year
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆968Dec 31, 2021Updated 4 years ago
- View screenshots as a slideshow over http☆15Mar 13, 2020Updated 6 years ago