jakejarvis / bounty-domainsView external linksLinks
List of domains in scope for bug bounties (HackerOne, Bugcrowd, etc.)
☆74May 23, 2021Updated 4 years ago
Alternatives and similar repositories for bounty-domains
Users that are interested in bounty-domains are comparing it to the libraries listed below
Sorting:
- Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.☆151Jun 29, 2020Updated 5 years ago
- It contain google dork to find the wsdl file.☆13May 27, 2020Updated 5 years ago
- ☆11Dec 25, 2020Updated 5 years ago
- Objectify-s3 is a tool that recursively checks AWS S3 buckets and objects for misconfigured permissions.☆15Aug 3, 2024Updated last year
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆13Oct 26, 2017Updated 8 years ago
- HackerOne "in scope" domains☆500Updated this week
- Open Redirect scanner - (out of date)☆28Nov 27, 2022Updated 3 years ago
- Web interface for recon-ng☆14Nov 22, 2015Updated 10 years ago
- ☆29Dec 13, 2023Updated 2 years ago
- ☆14Oct 1, 2021Updated 4 years ago
- The tools I have programmed to help me with bugbounty's☆117Oct 10, 2019Updated 6 years ago
- A fuzzer made in golang for finding issues like xss, lfi, rce, ssti...that detects issues using change in content length and verify it us…☆62Oct 25, 2020Updated 5 years ago
- A tool to test working urls.☆43Nov 17, 2020Updated 5 years ago
- Web Security Checklist (Bug Bounty & Pentesting)☆170Jun 15, 2025Updated 8 months ago
- A collection of hacks and one-off scripts☆10Jan 18, 2021Updated 5 years ago
- Publishing advisories for CVEs found by POST Cyberforce☆13Jan 7, 2025Updated last year
- Describe how to use ffuf different options with examples☆13Jun 13, 2022Updated 3 years ago
- Training and certifications related to secure software development☆11Feb 9, 2026Updated last week
- Yet another subdomain finder☆209Jan 20, 2020Updated 6 years ago
- CRLF and open redirect fuzzer☆112Aug 31, 2021Updated 4 years ago
- Match and Replace script used to automatically generate JSON option file to BurpSuite☆215May 13, 2019Updated 6 years ago
- Security tool (now AI powered 🤖) to find potential vulnerable Server Side Request Forgery (SSRF) parameters.☆354Updated this week
- Quick tool to create custom wordlists like how fuzzers work☆10Sep 29, 2023Updated 2 years ago
- ☆15Aug 27, 2020Updated 5 years ago
- Take a list of URIs and print all the of the paths☆10Aug 16, 2020Updated 5 years ago
- Removes duplicate entries from a file, resulting in only unique parameter combinations. Useful for parsing waybackurls and making recon m…☆11May 31, 2020Updated 5 years ago
- Bug Bounty tool to automate the recon process.☆12Oct 4, 2023Updated 2 years ago
- web cache poison - Top 1 web hacking technique of 2019☆25Feb 24, 2020Updated 5 years ago
- 31 Tips for pentesters & security engineers☆87Aug 20, 2021Updated 4 years ago
- An entry level resource to learning bug bounty.☆28Apr 11, 2018Updated 7 years ago
- Burp extension to generate multi-step CSRF POC.☆31Sep 23, 2019Updated 6 years ago
- Secret and/or credential patterns used for gf.☆243Feb 10, 2023Updated 3 years ago
- This are some Dorks and Platform to find the Bug Bounty Programs.☆81Apr 11, 2025Updated 10 months ago
- Burp Extension written in Jython to hunt for common vulnerabilities found in websites. Developed by Gaurav Narwani to help people find vu…☆250Apr 27, 2020Updated 5 years ago
- A curated list of amazingly bug bounty tips from security researchers around the world.☆104Mar 14, 2019Updated 6 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆112Feb 14, 2022Updated 4 years ago
- Tool for checking reflecting Parameters in a URL.☆10Aug 31, 2020Updated 5 years ago
- Script for Bug Bounty☆29Sep 17, 2021Updated 4 years ago
- Webapp to search tips on Twitter through #bugbountytips☆72Dec 2, 2022Updated 3 years ago