Alternatives and similar repositories for hackerone

Users that are interested in hackerone are comparing it to the libraries listed below

• federicodotta / semgrep-rules
  A collection of my Semgrep rules
  ☆50Updated 2 years ago
• mattiasgrenfeldt / bachelors-thesis-http-request-smuggling
  ☆72Updated 3 years ago
• GitHubSecurityLab / ruby-unsafe-deserialization
  Proof of Concepts for unsafe deserialization in Ruby
  ☆17Updated 11 months ago
• dillonfranke / protoburp
  Encode and Fuzz Custom Protobuf Messages in Burp Suite
  ☆33Updated 7 months ago
• projectdiscovery / collaborator
  BurpSuite Standard/Private Collaborator Library
  ☆22Updated 4 years ago
• hahwul / gee
  🏵 Gee is tool of stdin to each files and stdout. It is similar to the tee command, but there are more functions for convenience. In addi…
  ☆85Updated last week
• assetnote / h2csmuggler
  ☆75Updated last year
• brevityinmotion / brevityrecon
  ☆69Updated 3 years ago
• andresriancho / mongo-objectid-predict
  Predict Mongo ObjectIds
  ☆145Updated 7 years ago
• kosmosec / proto-find
  Let's check if your target is vulnerable for client side prototype pollution.
  ☆66Updated last year
• neex / ghostinthepdf
  ☆169Updated 4 years ago
• silentsignal / burp-piper
  Piper Burp Suite Extender plugin
  ☆126Updated last year
• ariary / HTTPCustomHouse
  HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets
  ☆35Updated 3 years ago
• Kirill89 / prototype-pollution-exploits
  Prototype Pollution exploits collection
  ☆34Updated 4 years ago
• dwisiswant0 / discat
  A simple way of sending messages from the CLI output to your Discord channel with webhook.
  ☆36Updated 3 years ago
• arall / vulnerabilities
  Examples of different vulnerabilities, in a variety of languages, shapes and sizes.
  ☆29Updated last year
• wahyuhadi / semgrep-server-rules
  ☆18Updated 4 months ago
• fransr / hot-jar-swapping-urlclassloader
  Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes
  ☆31Updated 2 years ago
• defparam / haptyc
  ☆95Updated 4 years ago
• Cache-Money / chronorace
  ☆73Updated 3 years ago
• riramar / h2rs
  Detects request smuggling via HTTP/2 downgrades.
  ☆94Updated 3 years ago
• trickest / enumerepo
  List all public repositories for (valid) GitHub usernames
  ☆76Updated 2 years ago
• ajxchapman / ReServ
  A set of simple servers (currently HTTP/HTTPS and DNS) which allow configurable and scriptable responses to network requests.
  ☆62Updated 3 years ago
• owasp-amass / resolve
  DNS resolver pools written in Go
  ☆48Updated 6 months ago
• vmnguyen / semgrep-rules
  My custom semgrep rules
  ☆22Updated 5 years ago
• dsecuredcom / yataf
  yataf extracts secrets and paths from files or urls - its best used against javascript files
  ☆53Updated last year
• elttam / rsu-cracker
  ☆33Updated 2 years ago
• Philesiv / XSLeaker
  Searcher for cross-site leaks (XS-Leaks)
  ☆82Updated 2 years ago
• random-robbie / ssrf-finder
  Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.
  ☆110Updated 3 years ago
• dwisiswant0 / osscope
  A curated GitHub repository that's in-scope and eligible for bounty.
  ☆21Updated 3 years ago