fuzz-security/Resources-for-Beginner-Bug-Bounty-Hunters external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

fuzz-security/Resources-for-Beginner-Bug-Bounty-Hunters

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/fuzz-security/Resources-for-Beginner-Bug-Bounty-Hunters)

Close

fuzz-security / Resources-for-Beginner-Bug-Bounty-HuntersView on GitHubMore

• External links
• Readme badge

A list of resources for those interested in getting started in bug bounties

☆13Jun 18, 2020Updated 5 years ago

Alternatives and similar repositories for Resources-for-Beginner-Bug-Bounty-Hunters

Users that are interested in Resources-for-Beginner-Bug-Bounty-Hunters are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• fuzz-security / MobileApp-Pentest-Cheatsheet

  View on GitHub
  The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application pen…
  ☆71May 8, 2020Updated 5 years ago
• WoodenKlaas / CVE-2021-44521

  View on GitHub
  Automated PoC of CVE-2021-44521
  ☆10Feb 24, 2022Updated 4 years ago
• Abdulrahman-Kamel / dpfilter

  View on GitHub
  BugBounty , sort and delete duplicates param value without missing original value
  ☆22Jul 31, 2021Updated 4 years ago
• eslamedhat / XDomain

  View on GitHub
  Auto powerful subdomains scanner - Auto check live subdomains
  ☆18Jul 5, 2020Updated 5 years ago
• arg3t / massurl

  View on GitHub
  A simple tool that aims to efficiently and quickly parse the outputs of web scraping tools like gau
  ☆12Jun 28, 2021Updated 4 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• fuzz-security / hackerone-reports

  View on GitHub
  Top disclosed reports from HackerOne
  ☆10Jun 9, 2020Updated 5 years ago
• ManasHarsh / Bug-bounty-methodology

  View on GitHub
  ☆27Jan 25, 2020Updated 6 years ago
• Al1ex / Pentest-Command

  View on GitHub
  Pentest-Command
  ☆20Nov 10, 2021Updated 4 years ago
• fuzz-security / Active-Directory-Exploitation-Cheat-Sheet

  View on GitHub
  A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
  ☆50Jun 23, 2020Updated 5 years ago
• segura2010 / apk-yara-checker

  View on GitHub
  'apk-yara-checker' is a little CLI tool written in Rust to check Yara rules against a folder of APK files.
  ☆16Jul 6, 2024Updated last year
• B-and-w-sec / shell-scripts

  View on GitHub
  This repo contains scripts i used while bug bounty.
  ☆16Nov 4, 2020Updated 5 years ago
• zapstiko / wordlists

  View on GitHub
  All Type of Payloads
  ☆142Mar 26, 2024Updated 2 years ago
• naufalan / Web-App-Methodology

  View on GitHub
  Collection of web app methodology from initial recon into exploit known vulnerability. Used when conducting Bug Bounty, Penetration Testi…
  ☆13Oct 23, 2021Updated 4 years ago
• sahad-mk / Fireprint

  View on GitHub
  FirePrint is a security tool for finding misconfigured Firebase realtime databases in Android or iOS applications.
  ☆22Apr 4, 2024Updated last year
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• XiaoliChan / Fastjson-ForwardShell

  View on GitHub
  Breaking fastjson with forward shell
  ☆22Sep 1, 2022Updated 3 years ago
• B1anda0 / CVE-2020-8209

  View on GitHub
  该脚本为Citrix XenMobile 目录遍历漏洞（CVE-2020-8209）批量检测脚本。
  ☆31Dec 7, 2020Updated 5 years ago
• emadshanab / Burp-Bounty-free-Profiles-Collection

  View on GitHub
  ☆45Jun 5, 2021Updated 4 years ago
• oneplus-x / The-Bug-Hunters-Methodology

  View on GitHub
  Welcome! This repo is a conglomeration of tips, tricks, tools, and data analysis to use while doing web application security assessments,…
  ☆14Jan 13, 2019Updated 7 years ago
• momika233 / Oracle-E-Business_Login

  View on GitHub
  ☆17May 21, 2022Updated 3 years ago
• spuqe / firebase

  View on GitHub
  Firebase database finder.
  ☆13Dec 30, 2020Updated 5 years ago
• emadshanab / Red-Team-Resources-collection

  View on GitHub
  ☆76Jun 5, 2021Updated 4 years ago
• righettod / log4shell-analysis

  View on GitHub
  Contains all my research and content produced regarding the log4shell vulnerability
  ☆31Jan 22, 2022Updated 4 years ago
• e11i0t4lders0n / Bugbounty-Resources

  View on GitHub
  ☆88May 27, 2021Updated 4 years ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• FDlucifer / mybb_1832_LFI_RCE

  View on GitHub
  MyBB 1.8.32 - Chained LFI Remote Code Execution (RCE) (Authenticated) python exploit script...
  ☆14Oct 17, 2023Updated 2 years ago
• U2FsdGVkX1 / vps2suse

  View on GitHub
  Install openSUSE on your VPS, no matter what the current OS is
  ☆30May 23, 2025Updated 10 months ago
• muneebwanee / SubScanner

  View on GitHub
  An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters.
  ☆12Dec 11, 2020Updated 5 years ago
• emadshanab / Nmap-NSE-scripts-collection

  View on GitHub
  ☆175Oct 26, 2025Updated 5 months ago
• theLSA / burp-sensitive-param-extractor

  View on GitHub
  burpsuite extension for check and extract sensitive request parameter
  ☆115Nov 29, 2020Updated 5 years ago
• e11i0t4lders0n / Web-Application-Pentest-Checklist

  View on GitHub
  ☆535Jul 16, 2021Updated 4 years ago
• emadshanab / Adobe-Experience-Manager

  View on GitHub
  ☆34Jun 23, 2021Updated 4 years ago
• emadshanab / subs_all

  View on GitHub
  Subdomain Enumeration Wordlist. 8956437 unique words. Updated.
  ☆75May 23, 2020Updated 5 years ago
• melbadry9 / WhoEnum

  View on GitHub
  Mass querying whois records
  ☆28Dec 28, 2021Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• Bosco-Lam / BruteXss

  View on GitHub
  Based on shawarkhanethicalhacker/BruteXSS
  ☆15Jan 24, 2019Updated 7 years ago
• darrenmartyn / sophucked

  View on GitHub
  CVE-2020-25223
  ☆11Sep 13, 2021Updated 4 years ago
• H1d3r / aspnetMvcBackdoor

  View on GitHub
  ☆12Oct 29, 2021Updated 4 years ago
• hktalent / blackIps

  View on GitHub
  black Ip lists, dorks-collection
  ☆17Mar 1, 2026Updated 3 weeks ago
• dbgee / fastjson-rce

  View on GitHub
  fastjson rce env based on springboot
  ☆40Nov 25, 2021Updated 4 years ago
• mprunet / burp-scripting

  View on GitHub
  ☆13Oct 3, 2023Updated 2 years ago
• sn0x-sharma / Full-WebApp-path

  View on GitHub
  Complite Web Application Penetration Testing
  ☆28Jul 9, 2021Updated 4 years ago