kh4sh3i/Bug-Hunting-Handbook external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

kh4sh3i/Bug-Hunting-Handbook

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/kh4sh3i/Bug-Hunting-Handbook)

Close

kh4sh3i / Bug-Hunting-HandbookView on GitHubMore

• External links
• Readme badge

Bug Hunting Handbook

☆11Aug 11, 2022Updated 3 years ago

Alternatives and similar repositories for Bug-Hunting-Handbook

Users that are interested in Bug-Hunting-Handbook are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• imhego / pointer

  View on GitHub
  Pointer is a Fast Simple Lightweight Tool for Endpoint Discovery.
  ☆14Dec 30, 2023Updated 2 years ago
• kh4sh3i / FFUF-Tricks

  View on GitHub
  Describe how to use ffuf different options with examples
  ☆13Jun 13, 2022Updated 3 years ago
• orwagodfather / ShoLister

  View on GitHub
  ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be …
  ☆13May 10, 2022Updated 3 years ago
• iustin24 / chameleon-wordlists

  View on GitHub
  Chameleon Wordlists
  ☆15Sep 13, 2022Updated 3 years ago
• emadshanab / Blind-xss-via-ffuf

  View on GitHub
  ☆12Jan 4, 2022Updated 4 years ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• kh4sh3i / security-mindmap

  View on GitHub
  This repository stores various roadmap(Mindmaps) for bug bounty Hunter, pentester, offensive(red team), defensive(blue team) and security…
  ☆58May 11, 2022Updated 3 years ago
• kh4sh3i / Application-Security-Interview-Questions

  View on GitHub
  Here are some common interview questions for an application security position you can review for your own interview, along with example a…
  ☆31Apr 17, 2022Updated 3 years ago
• LasCC / QR-Generator

  View on GitHub
  Online test is available 👉
  ☆12Mar 17, 2026Updated last week
• imnarendrabhati / testing-new

  View on GitHub
  <img src=x onerroralert(1);>
  ☆11Jul 12, 2014Updated 11 years ago
• Ph0rse / Awesome-XSS

  View on GitHub
  收集的一些XSS学习资料
  ☆27Dec 21, 2018Updated 7 years ago
• PortSwigger / ntlm-challenge-decoder

  View on GitHub
  Burp extension to decode NTLM SSP headers and extract domain/host information
  ☆12Mar 25, 2021Updated 5 years ago
• thomaslaurenson / trophyroom

  View on GitHub
  Collection of walk through, hints, notes, code snippets, tools logs and resources for vulnerable CTF-style boxes
  ☆12Dec 3, 2025Updated 3 months ago
• TheGetch / Application-Pentest-Methodology

  View on GitHub
  Methodoloy for pentesting web applications.
  ☆10Aug 18, 2022Updated 3 years ago
• melihi / RAM

  View on GitHub
  Bypass http 403 🐏
  ☆16Feb 26, 2022Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• CyberMonitor / windows-kernel-exploits

  View on GitHub
  windows-kernel-exploits Windows平台提权漏洞集合
  ☆24Jul 29, 2021Updated 4 years ago
• robstradling / CeRTSearcH

  View on GitHub
  ☆12Jul 5, 2023Updated 2 years ago
• paulveillard / cybersecurity-ssrf

  View on GitHub
  An ongoing & curated collection of awesome web vulnerability - Server-side request forgery software practices and remediation, libraries…
  ☆24Feb 22, 2022Updated 4 years ago
• hakluke / hakjoke

  View on GitHub
  Gets joke from icanhazdadjoke.com, prints it
  ☆13Jan 5, 2022Updated 4 years ago
• hakluke / ----svg-onload-alert---

  View on GitHub
  jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()…
  ☆11Apr 9, 2021Updated 4 years ago
• HACKE-RC / Jack-Compiler

  View on GitHub
  Compiler for the Jack Programming Language
  ☆20Nov 5, 2024Updated last year
• securityps / SecurityPSApplicationSecurityEngineerTrainingResources

  View on GitHub
  Publicly available training resources used by Security PS to train application security engineers
  ☆10Feb 16, 2021Updated 5 years ago
• emadshanab / 971-MB-content_discovery_wordlist

  View on GitHub
  Collection of content discovery wordlists in one wordlist.
  ☆38Jan 18, 2022Updated 4 years ago
• emadshanab / DIR-WORDLISTS

  View on GitHub
  Some wordlists collected form github to all bug bounty hunters.
  ☆40Jul 30, 2021Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• emadshanab / Blind-XSS-burp-match-and-replace

  View on GitHub
  ☆29Dec 13, 2023Updated 2 years ago
• kh4sh3i / Penetration-Testing-Interview-Questions

  View on GitHub
  Penetration Testing Interview Questions
  ☆53Apr 15, 2022Updated 3 years ago
• Nader-abdi / udp2raw-ansible

  View on GitHub
  ☆13Jun 10, 2024Updated last year
• z3dc0ps / use-this-vdp

  View on GitHub
  Use these VDP in Bug Hunting, These VDP are checked and verified by Bug Hunters
  ☆20Aug 9, 2022Updated 3 years ago
• 0x221b / Wordlists

  View on GitHub
  A repository of wordlists for enumeration. Will be added to by my tools when they find interesting new entries
  ☆23Jan 21, 2021Updated 5 years ago
• hakluke / hakaxfr

  View on GitHub
  Attempt zone transfers on domains
  ☆18Jul 12, 2021Updated 4 years ago
• emadshanab / Burpsuite-Plugins-Extensions-Arsenal

  View on GitHub
  ☆42Jul 14, 2021Updated 4 years ago
• 0x0Jackal / swagger_scanner

  View on GitHub
  This tool checks if the given Url/File has Swagger Ui, That can be tested later..
  ☆37May 1, 2023Updated 2 years ago
• lazytools / sshchecker

  View on GitHub
  sshchecker is a fast dedicated ssh brute-forcing tool to check ssh login on the giving IP list.
  ☆23Feb 8, 2026Updated last month
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• kh4sh3i / WAF-Bypass

  View on GitHub
  🔥 Web application firewalls (WAF) bypass
  ☆55Nov 1, 2023Updated 2 years ago
• shubham-rooter / Bug-Bounty-Script

  View on GitHub
  Bug-hunting Automation
  ☆39Jun 11, 2023Updated 2 years ago
• PentestPad / larascan

  View on GitHub
  Laravel PHP framework black-box vulnerability scanner
  ☆38Sep 3, 2024Updated last year
• TheGetch / Penetration-Testing-Methodology

  View on GitHub
  This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used…
  ☆25Apr 19, 2022Updated 3 years ago
• electro0nes / writeup-finder

  View on GitHub
  Writeup finder from medium or other
  ☆22Sep 11, 2024Updated last year
• dsopas / bugbounty-cheatsheet

  View on GitHub
  A list of interesting payloads, tips and tricks for bug bounty hunters.
  ☆13Oct 26, 2017Updated 8 years ago
• sec-it / BFAC-Burp-Extension

  View on GitHub
  Burp Extension for BFAC (Advanced Backup-File Artifacts Testing for Web-Applications)
  ☆20Aug 9, 2021Updated 4 years ago