hakluke / bug-bounty-standards
A list of edge cases that occur in bug bounty programs, and conversations on how they should be handled. The goal is to standardise the way that specific situations are handled in bug bounties.
☆231 Updated 3 years ago
Alternatives and similar repositories for bug-bounty-standards
Users that are interested in bug-bounty-standards are comparing it to the libraries listed below
- Repository to house markdown templates for researchers ☆203 Updated 2 weeks ago
- ☆171 Updated 5 months ago
- Burp extension to create target-specific and tailored wordlists from Burp history. ☆245 Updated 3 years ago
- Prototype pollution scanner using headless chrome ☆220 Updated 3 years ago
- ☆100 Updated last year
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices ☆317 Updated last month
- List of reporting templates I have used since I started doing BBH. ☆309 Updated 10 months ago
- EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎 ☆152 Updated this week
- ☆138 Updated 3 years ago
- My small collection of report templates (This is a fork of the original repo from https://github.com/gwen001/BB-datas) ☆124 Updated last year
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints. ☆193 Updated last year
- Top disclosed reports from HackerOne ☆155 Updated 4 years ago
- All About Dependency Confusion Attack, (Detecting, Finding, Mitigating) ☆292 Updated last year
- PDF slides ☆247 Updated 3 years ago
- ☆96 Updated 3 years ago
- XSS development frameworks, with the goal of making payload writing easier. ☆147 Updated last year
- Simple recon using multiple tools! ☆165 Updated 3 years ago
- ☆156 Updated 2 years ago
- A Firefox Web Extension to improve the discovery of DOM XSS. ☆275 Updated 8 months ago
- ☆146 Updated 2 years ago
- Source Code Review resources for Bug Bounty Hunters & Developers. This Repo is updated consistently. ☆71 Updated 3 years ago
- JavaScript security analysis (JSA) is a program for JavaScript analysis during web application security assessment. ☆525 Updated 5 months ago
- Automated tool for domains & subdomains gathering ☆188 Updated last year
- Scripts and other stuff. ☆132 Updated last year
- Unofficial documentation for the great tool Param Miner ☆181 Updated 2 years ago
- ☆51 Updated 3 years ago
- Customisable and automated HTTP header injection ☆258 Updated last year
- A bash script that will automatically install Bug Hunting tools used for recon ☆176 Updated 2 years ago
- A tool to quickly do keyword searches over GitLab and GitHub for OSINT & bug bounty recon ☆241 Updated last year
- ☆87 Updated 4 years ago