Repository of Bug-Bounty Writeups
☆394Feb 22, 2026Updated last week
Alternatives and similar repositories for Bug-bounty-Writeups
Users that are interested in Bug-bounty-Writeups are comparing it to the libraries listed below
Sorting:
- A curated list of available Bug Bounty & Disclosure Programs and Write-ups.☆75Dec 3, 2023Updated 2 years ago
- Collection of Facebook Bug Bounty Writeups☆705Jan 16, 2026Updated last month
- Burp Suite extension that enhances Burp Active Scan by adding template engine specific SSTI payloads.☆24Feb 20, 2024Updated 2 years ago
- Passively check for XSS character encodings☆18Updated this week
- A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference☆5,551Aug 6, 2023Updated 2 years ago
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Dec 13, 2025Updated 2 months ago
- Continuous Reconnaissance and Vulnerability Scanning for Bug Bounties☆18Jun 6, 2024Updated last year
- A collection of notes, checklists, writeups on bug bounty hunting and web application security.☆152Jun 30, 2022Updated 3 years ago
- BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔☆853Jun 27, 2022Updated 3 years ago
- A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.☆1,977Sep 5, 2021Updated 4 years ago
- All about bug bounty (bypasses, payloads, and etc)☆6,655Sep 8, 2023Updated 2 years ago
- Top disclosed reports from HackerOne☆5,358Updated this week
- This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter☆3,266Feb 10, 2024Updated 2 years ago
- Asset inventory of over 800 public bug bounty programs.☆1,520Feb 14, 2025Updated last year
- Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection☆13Nov 1, 2024Updated last year
- A collection of awesome one-liner scripts especially for bug bounty tips.☆3,077Jul 29, 2024Updated last year
- A curated list of various bug bounty tools☆5,805Feb 9, 2026Updated 3 weeks ago
- Writeups for PortSwigger WebSecurity Academy☆359Feb 5, 2023Updated 3 years ago
- These are my checklists which I use during my hunting.☆849Nov 30, 2023Updated 2 years ago
- 1337 Wordlists for Bug Bounty Hunting☆932Updated this week
- A repository that includes all the important wordlists used while bug hunting.☆1,379Mar 11, 2023Updated 2 years ago
- Tips and Tutorials for Bug Bounty and also Penetration Tests.☆1,707Oct 7, 2025Updated 4 months ago
- My Private Bug Hunting Methodology☆316Nov 27, 2024Updated last year
- oneliner commands for bug bounties☆461Jul 25, 2022Updated 3 years ago
- [Custom || Automated] Curation & Collection of BugBounty Wordlists☆63Updated this week
- Collection of methodology and test case for various web vulnerabilities.☆7,039Jun 25, 2025Updated 8 months ago
- Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens…☆5,223Jan 31, 2026Updated last month
- ☆250May 25, 2021Updated 4 years ago
- ☆128Jul 15, 2021Updated 4 years ago
- Python/Bash automation customization script designed to automate the reconnaissance process☆21Jan 28, 2024Updated 2 years ago
- ☆206Feb 5, 2025Updated last year
- XSS Payload Cheat Sheet☆11Sep 1, 2024Updated last year
- Ressources for bug bounty hunting☆1,906Dec 1, 2022Updated 3 years ago
- 😹 Python project to bruteforce Apache Tomcat manager login with known-default credentials☆99Mar 12, 2024Updated last year
- Custom nuclei templates for bug hunting.....☆26May 30, 2024Updated last year
- JSNotify is a Python script designed to monitor JavaScript files in a specified directory for changes. This tool can be used by developer…☆18Nov 15, 2023Updated 2 years ago
- This Tool To Test Machine Keys In View State☆85Oct 11, 2024Updated last year
- 10,000 H1 Disclosed Reports☆118May 10, 2024Updated last year
- Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.☆255Feb 10, 2025Updated last year