m4ll0k/Awesome-Bugbounty-Writeups external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

m4ll0k/Awesome-Bugbounty-Writeups

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/m4ll0k/Awesome-Bugbounty-Writeups)

Close

m4ll0k / Awesome-Bugbounty-WriteupsView on GitHubMore

• External links
• Readme badge

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

☆44Dec 26, 2020Updated 5 years ago

Alternatives and similar repositories for Awesome-Bugbounty-Writeups

Users that are interested in Awesome-Bugbounty-Writeups are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• m4ll0k / hacks

  View on GitHub
  A collection of hacks and one-off scripts
  ☆18Jun 4, 2021Updated 4 years ago
• m4ll0k / OneListForAll

  View on GitHub
  Rockyou for web fuzzing
  ☆15Jan 28, 2022Updated 4 years ago
• martabyte / Red-Team-Ops

  View on GitHub
  Notes about the YouTube playlist: Red Team Operations with Cobalt Strike (2019)
  ☆20Feb 16, 2021Updated 5 years ago
• Fnzer0 / S2-057-poc

  View on GitHub
  S2-057 poc test
  ☆13Aug 31, 2018Updated 7 years ago
• snoopysecurity / fuzzpayloads

  View on GitHub
  Collection of fuzzing payloads and corpus from all around added as sub modules
  ☆16Mar 26, 2026Updated last month
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• intuit / mastko

  View on GitHub
  MasTKO is a security tool which detects DNS entries associated with AWS’s EC2 servers susceptible to takeover attack and attempts a takeo…
  ☆11Jun 14, 2023Updated 2 years ago
• R-s0n / OSWE-Methodology

  View on GitHub
  Blank methodology sheet for the OSWE exam
  ☆13Dec 17, 2021Updated 4 years ago
• rix4uni / xsschecker

  View on GitHub
  xsschecker tests endpoints for reflected XSS by injecting payloads and checking responses. It prints vulnerable if the payload is reflect…
  ☆37Nov 3, 2025Updated 5 months ago
• lucas-santoni / sqli-platform

  View on GitHub
  Training for SQL injections
  ☆36Feb 3, 2019Updated 7 years ago
• EspressoCake / Cobalt_Strike_Ansible

  View on GitHub
  A project to replicate the functionality of Noah Powers' ServerSetup script, but with error handling and fixed Namecheap API support.
  ☆33Oct 1, 2021Updated 4 years ago
• Zeyad-Azima / Need-IP

  View on GitHub
  A tool for Pentesters & BugHunters to collect IPs of company, server, Operating System & many more
  ☆13Dec 20, 2022Updated 3 years ago
• Ajqx255 / OSCP

  View on GitHub
  OSCP Prep notes
  ☆14Oct 18, 2020Updated 5 years ago
• drak3hft7 / OSCP-Exam-Report-Template

  View on GitHub
  Template used for my OSCP exam.
  ☆29Aug 9, 2022Updated 3 years ago
• GhostManager / cobalt_sync

  View on GitHub
  Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+
  ☆36Dec 1, 2025Updated 4 months ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• sundowndev / GoogleDork

  View on GitHub
  CMB Mobile Google Hacking App
  ☆24Feb 28, 2014Updated 12 years ago
• overgrowncarrot1 / Scripts

  View on GitHub
  ☆19Jan 14, 2026Updated 3 months ago
• xnl-h4ck3r / alien

  View on GitHub
  Your favourite chest/terminal bursting buddy!
  ☆18Nov 27, 2021Updated 4 years ago
• rudSarkar / Payloads

  View on GitHub
  Exploits for different vulnerabilities
  ☆12Nov 29, 2021Updated 4 years ago
• 0x3rhy / GetClipboard

  View on GitHub
  Cobalt Strike Get clipboard plugin
  ☆15Aug 11, 2023Updated 2 years ago
• projectdiscovery / fdmax

  View on GitHub
  Small Helper Library to increase automatically the file descriptors limits for the current process
  ☆24Jul 10, 2023Updated 2 years ago
• JoyGhoshs / NotesYouDontNeed

  View on GitHub
  Some Notes because i am too lazy to search
  ☆13May 10, 2021Updated 4 years ago
• danielhochman / redis-look

  View on GitHub
  Command-line tool to monitor Redis in real-time
  ☆13Apr 25, 2018Updated 8 years ago
• m4ll0k / BBTz

  View on GitHub
  BBT - Bug Bounty Tools (examples💡)
  ☆1,888Apr 5, 2024Updated 2 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• hackedbyagirl / OSCP

  View on GitHub
  OSCP Preperation
  ☆14Aug 12, 2021Updated 4 years ago
• emadshanab / DIR-WORDLISTS

  View on GitHub
  Some wordlists collected form github to all bug bounty hunters.
  ☆41Jul 30, 2021Updated 4 years ago
• shelld3v / flydns

  View on GitHub
  Related subdomains finder
  ☆28May 18, 2022Updated 3 years ago
• hahwul / can-i-protect-xss

  View on GitHub
  Everything about xss protection technology
  ☆14Oct 22, 2019Updated 6 years ago
• santosomar / kev_checker

  View on GitHub
  A basic Python program to check Cybersecurity & Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) Catalog
  ☆24Jun 13, 2023Updated 2 years ago
• appknox / vulnerable-application

  View on GitHub
  Test Android Application.
  ☆20Jan 22, 2016Updated 10 years ago
• adrianalvird / collaborator

  View on GitHub
  This is Same as Burpsuite Collaborator | Free | Burpsuite Collaborator Server
  ☆13Jun 27, 2025Updated 10 months ago
• six2dez / mobile_pentesting_guide

  View on GitHub
  Mobile Pentesting Guide (WIP)
  ☆25May 13, 2020Updated 5 years ago
• nirzaaa / minum

  View on GitHub
  Minimal Enumeration Code
  ☆17Dec 12, 2022Updated 3 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• blacklanternsecurity / public-dns-servers

  View on GitHub
  A CI/CD-verified list of the internet's known-good public DNS servers (from public-dns.info) Updated weekly!
  ☆36Apr 1, 2026Updated 3 weeks ago
• williamknows / SharpHound3

  View on GitHub
  C# Data Collector for the BloodHound Project, Version 3
  ☆37Dec 28, 2021Updated 4 years ago
• agnes-it / maid-cafe

  View on GitHub
  It's an open source restaurant and coffee shop management system.
  ☆10Jan 6, 2023Updated 3 years ago
• cybercdh / bucket-finder

  View on GitHub
  Reads in a list of domains or subdomains and crawls them for references to S3 buckets
  ☆10Nov 21, 2023Updated 2 years ago
• HackWithSumit / BurpSuiteProfessional-2024

  View on GitHub
  Burp or Burp Suite is a set of tools used for penetration testing of web applications. It is developed by the company named Portswigger.
  ☆24Dec 18, 2024Updated last year
• dsopas / bugbounty-cheatsheet

  View on GitHub
  A list of interesting payloads, tips and tricks for bug bounty hunters.
  ☆13Oct 26, 2017Updated 8 years ago
• ItsIgnacioPortal / XSStrike-Reborn

  View on GitHub
  Updated fork of XSStrike: The most advanced XSS scanner.
  ☆24Feb 14, 2023Updated 3 years ago