Various tools for managing bug bounty recon and exploration.
☆48Dec 8, 2022Updated 3 years ago
Alternatives and similar repositories for bounty_tools
Users that are interested in bounty_tools are comparing it to the libraries listed below
Sorting:
- Stay on top of new domains! Bug bounty hunters can use this tool to receive Pushbullet notifications each time there is a new target subd…☆26Apr 14, 2018Updated 7 years ago
- Another plugin for CRLF vulnerability detection☆25Jan 25, 2017Updated 9 years ago
- A tool to generate statistics and help manage bug bounty reports in HackerOne.☆22Mar 18, 2020Updated 5 years ago
- WebApp for BugBounty Hunters☆14Mar 24, 2017Updated 8 years ago
- ☆34Oct 1, 2019Updated 6 years ago
- Subdomain brute force focused on speed and data serialization☆75Dec 27, 2022Updated 3 years ago
- Dockerised Version of Frida☆21May 10, 2023Updated 2 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆26Dec 12, 2018Updated 7 years ago
- An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …☆260Aug 22, 2021Updated 4 years ago
- A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.☆549Jun 12, 2017Updated 8 years ago
- 一个攻击框架☆10May 29, 2015Updated 10 years ago
- A tool for checking a hash:pass pot file for hashes from a user:hash file☆12Oct 23, 2016Updated 9 years ago
- Exploit insecure crossdomain.xml files.☆26Apr 25, 2017Updated 8 years ago
- Tools of "The Bug Hunters Methodology V2 by @jhaddix"☆201Aug 11, 2017Updated 8 years ago
- Inventus is a spider designed to find subdomains of a specific domain by crawling it and any subdomains it discovers.☆81Aug 28, 2017Updated 8 years ago
- Python tool to check for expired domains still allowed in crossdomain.xml files☆13Jan 11, 2017Updated 9 years ago
- Scripts that I've written that others may find useful☆14Aug 17, 2022Updated 3 years ago
- Burp extension for automated handling of CSRF tokens☆16Feb 27, 2018Updated 8 years ago
- Listing subdomains about a main domain☆59May 9, 2018Updated 7 years ago
- BountyDash is a tool to combine your rewards from all platforms, giving you insights about your progress and bug hunting patterns.☆163Apr 24, 2025Updated 10 months ago
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆628Feb 5, 2019Updated 7 years ago
- Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT☆404Updated this week
- Red Team C2 and Post Exploitation code☆35Jul 8, 2025Updated 7 months ago
- A series of python scripts for generating weird character combinations for bypassing web application firewalls (WAF) and XSS blockers☆278Oct 29, 2018Updated 7 years ago
- Ptcoresec jeopardy style scoreboard☆23Jul 17, 2012Updated 13 years ago
- a .js scanner, built in php. designed to scrape urls and other info☆228Aug 22, 2017Updated 8 years ago
- Ease-of-use extension for Web Application penetration testing☆18Jun 20, 2017Updated 8 years ago
- ios source grepper☆42May 4, 2017Updated 8 years ago
- Slides from my ShellCon Talk, OSINT for Pen Tests, given 10/19.☆59Jan 8, 2018Updated 8 years ago
- python script allow red teaming , hackthebox Pwners , OSCP lovers to shorten their time by these useful shells☆32Mar 4, 2021Updated 5 years ago
- Automated Security Assessment Reporting Tool☆37Dec 23, 2017Updated 8 years ago
- BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolu…☆60Oct 8, 2017Updated 8 years ago
- A GC link parser for both linkfiles and jumplists.☆18Oct 28, 2016Updated 9 years ago
- CTF (Capture The Flag) writeups, code snippets, scripts☆16Oct 18, 2018Updated 7 years ago
- My notes, exercises, and reports on reverse engineering and penetrating applications☆17Dec 5, 2018Updated 7 years ago
- This repository stores the proof-of-concept of Windows malware categorized with MITRE ATT&CK.☆14Nov 8, 2024Updated last year
- Powershell to copy ntds.dit☆62Jun 30, 2016Updated 9 years ago
- Tools to gather subdomains from Bug Bounty programs☆65Mar 29, 2018Updated 7 years ago
- [depreciated] Terminal dashboard for bug bounty hunters that use HackerOne and Bugcrowd☆194Apr 1, 2016Updated 9 years ago