hakluke / bug-bounty-standards
A list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way that specific situations are handled in bug bounties.
☆229Updated 3 years ago
Alternatives and similar repositories for bug-bounty-standards:
Users that are interested in bug-bounty-standards are comparing it to the libraries listed below
- Burp extension to create target specific and tailored wordlist from burp history.☆237Updated 3 years ago
- De-clutter a list of URLs☆328Updated 4 months ago
- ☆168Updated last month
- List of reporting templates I have used since I started doing BBH.☆286Updated 6 months ago
- ☆152Updated 2 years ago
- ☆97Updated 2 years ago
- A Firefox Web Extension to improve the discovery of DOM XSS.☆271Updated 4 months ago
- Useful "Match and Replace" burpsuite rules☆342Updated last year
- Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.☆496Updated 2 weeks ago
- IIS shortname scanner written in Go☆324Updated 2 years ago
- Unofficial documentation for the great tool Param Miner☆178Updated 2 years ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆307Updated 4 months ago
- MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.☆170Updated 5 months ago
- ☆130Updated 3 years ago
- Web Application Security Testing Tools☆241Updated last year
- Prototype pollution scanner using headless chrome☆216Updated 2 years ago
- Recon MindMap (RMM)☆153Updated 9 months ago
- EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎☆141Updated this week
- Automated tool for domains & subdomains gathering☆184Updated last year
- My small collection of reports templates (This is a fork of orignal repo from https://github.com/gwen001/BB-datas)☆124Updated last year
- All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)☆286Updated last year
- Whitebox source code review cheatsheet (Based on AWAE syllabus)☆129Updated 3 years ago
- ☆139Updated 2 years ago
- A collection of notes, checklists, writeups on bug bounty hunting and web application security.☆146Updated 2 years ago
- This is a python wrapper around the amazing KNOXSS API by Brute Logic☆254Updated 2 weeks ago
- Repository to house markdown templates for researchers☆197Updated 2 weeks ago
- CT Log Scanner☆321Updated last month
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆626Updated last year
- ☆150Updated last year
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆191Updated 7 months ago