A list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way that specific situations are handled in bug bounties.
☆236Feb 1, 2022Updated 4 years ago
Alternatives and similar repositories for bug-bounty-standards
Users that are interested in bug-bounty-standards are comparing it to the libraries listed below
Sorting:
- This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.☆97Jan 2, 2025Updated last year
- Repository to house markdown templates for researchers☆215Oct 16, 2025Updated 4 months ago
- 🏵 Gee is tool of stdin to each files and stdout. It is similar to the tee command, but there are more functions for convenience. In addi…☆85Sep 30, 2025Updated 5 months ago
- De-clutter a list of URLs☆385Feb 3, 2026Updated last month
- Find endpoints on GitHub.☆214Mar 28, 2023Updated 2 years ago
- Repo for hosting rayder workflows☆63Aug 31, 2023Updated 2 years ago
- Rockyou for web fuzzing☆3,028Feb 11, 2026Updated 3 weeks ago
- ☆756Jun 26, 2024Updated last year
- ☆38Nov 27, 2020Updated 5 years ago
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,500Jan 8, 2026Updated last month
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆34Feb 12, 2022Updated 4 years ago
- Useful "Match and Replace" burpsuite rules☆365Sep 26, 2023Updated 2 years ago
- Awesome Bug bounty builder Project☆675Feb 15, 2023Updated 3 years ago
- A Python tool to automate some dorking stuff to find information disclosures.☆155Jul 3, 2024Updated last year
- Finding XSS during recon☆273Sep 13, 2022Updated 3 years ago
- Automated & Manual Wordlists provided by Assetnote☆1,631Feb 27, 2026Updated last week
- Host Header Injection Checker☆84Mar 2, 2022Updated 4 years ago
- "Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.☆1,084Mar 3, 2025Updated last year
- Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!☆1,272Feb 27, 2026Updated last week
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆164Mar 5, 2021Updated 5 years ago
- declutters url lists for crawling/pentesting☆1,531Feb 23, 2025Updated last year
- Jeeves SQLI Finder☆215May 13, 2022Updated 3 years ago
- A tool to quickly do keyword searches over Gitlab and Github for OSINT & bug bounty recon☆245Oct 20, 2023Updated 2 years ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆1,039Aug 23, 2025Updated 6 months ago
- TLDs finder — check domain name availability across all valid top-level domains.☆107Oct 20, 2024Updated last year
- A tool to check a bunch of URLs that contain reflecting params.☆598Aug 4, 2024Updated last year
- Random Tools for Bug Bounty☆151Oct 15, 2022Updated 3 years ago
- GG Dorking is a tool to generate GitHub and Google dorking for pentesters and bug bounty hunters.☆102Jul 12, 2025Updated 7 months ago
- A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violati…☆395Feb 18, 2026Updated 2 weeks ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets☆1,529Jan 15, 2026Updated last month
- This is go CLI tool for send fast Multiple get HTTP request.☆283Jan 20, 2023Updated 3 years ago
- BBT - Bug Bounty Tools (examples💡)☆1,883Apr 5, 2024Updated last year
- Extract URLs, paths, secrets, and other interesting bits from JavaScript☆1,773May 22, 2024Updated last year
- Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!☆2,552Updated this week
- XSS payloads designed to turn alert(1) into P1☆1,392Sep 12, 2023Updated 2 years ago
- Smart context-based SSRF vulnerability scanner.☆360May 5, 2022Updated 3 years ago
- Easily schedule commands to run multiple times at set intervals (like a cronjob, but with one command)☆84Apr 5, 2021Updated 4 years ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆978Jan 12, 2024Updated 2 years ago
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆184Nov 22, 2021Updated 4 years ago