Facebook Bug Bounties
☆106Feb 24, 2021Updated 5 years ago
Alternatives and similar repositories for facebook-bug-bounty-writeups
Users that are interested in facebook-bug-bounty-writeups are comparing it to the libraries listed below
Sorting:
- Hunting Bugs for Fun and Profit☆275Jul 29, 2020Updated 5 years ago
- psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…☆19Jun 28, 2018Updated 7 years ago
- Collection of Bug Bounty Tips☆65Dec 10, 2019Updated 6 years ago
- Hacking Facebook for fun and profit: It’s not that hard, apparently (exclusive)☆62Jul 2, 2019Updated 6 years ago
- Fuzzing Payloads to Assist in Web Application Testing.☆166Jun 6, 2019Updated 6 years ago
- Security Advisories☆11Sep 22, 2019Updated 6 years ago
- Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.☆12Sep 30, 2018Updated 7 years ago
- CTF tasks created☆11Jan 12, 2023Updated 3 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆38Nov 8, 2017Updated 8 years ago
- The official BBF university.☆10Oct 12, 2017Updated 8 years ago
- Resources I consider useful for security research of web applications☆61Dec 15, 2020Updated 5 years ago
- Collection of Facebook Bug Bounty Writeups☆706Jan 16, 2026Updated last month
- Terraform configuration to build a Burp Private Collaborator Server☆25Nov 7, 2017Updated 8 years ago
- This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping☆48Nov 12, 2019Updated 6 years ago
- Wordlist to get files/ folders listed by the app that may expose passwords, sensitive file or folders☆22Jul 10, 2020Updated 5 years ago
- A collection of slides, videos, and proof-of-concept scripts from various Rhino presentations.☆38Aug 13, 2018Updated 7 years ago
- Happy Hunting☆138Jan 25, 2019Updated 7 years ago
- Tool for checking reflecting Parameters in a URL.☆10Aug 31, 2020Updated 5 years ago
- Merge results from NMAP and Masscan into one CSV file☆18Jun 19, 2018Updated 7 years ago
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆93Aug 27, 2019Updated 6 years ago
- ☆26Feb 16, 2021Updated 5 years ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆135Sep 25, 2019Updated 6 years ago
- Stuff for bug bounty☆35Feb 1, 2023Updated 3 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆265Nov 18, 2021Updated 4 years ago
- ☆162Dec 7, 2017Updated 8 years ago
- A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!☆34Nov 17, 2018Updated 7 years ago
- ☆27Jul 30, 2021Updated 4 years ago
- Collection of scripts that aid in penetration testing of JSON Web Tokens☆59Feb 2, 2019Updated 7 years ago
- ☆14Jul 8, 2019Updated 6 years ago
- This is a small extension to make graphql readable☆30Dec 14, 2018Updated 7 years ago
- ☆85Dec 6, 2019Updated 6 years ago
- Extract SSL certificate data (Subject Name, Subject Alt Names, Organisation)☆42Nov 10, 2025Updated 3 months ago
- CVE-2019-9580 - StackStorm: exploiting CORS misconfiguration (null origin) to gain RCE☆31Mar 13, 2019Updated 6 years ago
- ☆19Nov 17, 2019Updated 6 years ago
- Android Security Bug Queries for CheckMarx☆20Sep 13, 2022Updated 3 years ago
- Notes and helper scripts/files/etc from when I passed my OSCP☆19Sep 17, 2019Updated 6 years ago
- This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi…☆362Mar 6, 2025Updated last year
- ☆43Feb 26, 2019Updated 7 years ago
- sploit☆67Dec 21, 2019Updated 6 years ago