hakluke / bug-bounty-standards
A list of edge cases that occur in bug bounty programs, with conversations on how they should be handled. The goal is to standardise the way that specific situations are handled in bug bounties.
☆231 Updated 3 years ago
Alternatives and similar repositories for bug-bounty-standards:
Users that are interested in bug-bounty-standards are comparing it to the libraries listed below
- Burp extension to create target specific and tailored wordlist from burp history. ☆237 Updated 3 years ago
- List of reporting templates I have used since I started doing BBH. ☆297 Updated 7 months ago
- De-clutter a list of URLs ☆335 Updated 5 months ago
- ☆169 Updated 2 months ago
- Repository to house markdown templates for researchers ☆198 Updated 3 weeks ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices ☆310 Updated 5 months ago
- ☆154 Updated 2 years ago
- ☆133 Updated 3 years ago
- Useful "Match and Replace" burpsuite rules ☆346 Updated last year
- MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files. ☆172 Updated 6 months ago
- ☆97 Updated 2 years ago
- Whitebox source code review cheatsheet (Based on AWAE syllabus) ☆133 Updated 3 years ago
- EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎 ☆142 Updated last month
- Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment. ☆497 Updated last month
- User-Agent, X-Forwarded-For and Referer SQLI Fuzzer ☆382 Updated last year
- ☆139 Updated 2 years ago
- All About Dependency Confusion Attack, (Detecting, Finding, Mitigating) ☆287 Updated last year
- Top disclosed reports from HackerOne ☆151 Updated 4 years ago
- ☆240 Updated 3 years ago
- My small collection of report templates (This is a fork of the original repo from https://github.com/gwen001/BB-datas) ☆124 Updated last year
- This is a python wrapper around the amazing KNOXSS API by Brute Logic ☆261 Updated 3 weeks ago
- bash script for Subdomain Enumeration ☆364 Updated 2 months ago
- ☆173 Updated 6 months ago
- Prototype pollution scanner using headless chrome ☆218 Updated 2 years ago
- ☆100 Updated last year
- oneliner commands for bug bounties ☆444 Updated 2 years ago
- Automated tool for domains & subdomains gathering ☆186 Updated last year
- A collection of notes, checklists, writeups on bug bounty hunting and web application security. ☆146 Updated 2 years ago
- Secret and/or credential patterns used for gf. ☆241 Updated 2 years ago
- Automation of tokens/api keys testing. ☆124 Updated 2 years ago