m4ll0k/Awesome-Bugbounty-Writeups external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

m4ll0k/Awesome-Bugbounty-Writeups

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/m4ll0k/Awesome-Bugbounty-Writeups)

Close

m4ll0k / Awesome-Bugbounty-WriteupsView on GitHubMore

• External links
• Readme badge

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

☆44Dec 26, 2020Updated 5 years ago

Alternatives and similar repositories for Awesome-Bugbounty-Writeups

Users that are interested in Awesome-Bugbounty-Writeups are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• m4ll0k / PayloadsAllTheThings

  View on GitHub
  A list of useful payloads and bypass for Web Application Security and Pentest/CTF
  ☆22Feb 26, 2021Updated 5 years ago
• m4ll0k / hacks

  View on GitHub
  A collection of hacks and one-off scripts
  ☆18Jun 4, 2021Updated 4 years ago
• m4ll0k / OneListForAll

  View on GitHub
  Rockyou for web fuzzing
  ☆15Jan 28, 2022Updated 4 years ago
• martabyte / Red-Team-Ops

  View on GitHub
  Notes about the YouTube playlist: Red Team Operations with Cobalt Strike (2019)
  ☆20Feb 16, 2021Updated 5 years ago
• Fnzer0 / S2-057-poc

  View on GitHub
  S2-057 poc test
  ☆13Aug 31, 2018Updated 7 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• snoopysecurity / fuzzpayloads

  View on GitHub
  Collection of fuzzing payloads and corpus from all around added as sub modules
  ☆15Updated this week
• intuit / mastko

  View on GitHub
  MasTKO is a security tool which detects DNS entries associated with AWS’s EC2 servers susceptible to takeover attack and attempts a takeo…
  ☆11Jun 14, 2023Updated 2 years ago
• qeeqbox / falcon

  View on GitHub
  Collection of exploits that were verified by an automated system
  ☆13Jun 17, 2021Updated 4 years ago
• Halcy0nic / Trophies

  View on GitHub
  Trophy list of zero-day vulnerabilities that I discovered
  ☆11May 6, 2024Updated last year
• R-s0n / OSWE-Methodology

  View on GitHub
  Blank methodology sheet for the OSWE exam
  ☆13Dec 17, 2021Updated 4 years ago
• rix4uni / xsschecker

  View on GitHub
  xsschecker tests endpoints for reflected XSS by injecting payloads and checking responses. It prints vulnerable if the payload is reflect…
  ☆36Nov 3, 2025Updated 4 months ago
• Zeyad-Azima / Need-IP

  View on GitHub
  A tool for Pentesters & BugHunters to collect IPs of company, server, Operating System & many more
  ☆13Dec 20, 2022Updated 3 years ago
• InQuest / python-inquestlabs

  View on GitHub
  A Pythonic interface and command line tool for interacting with the InQuest Labs API.
  ☆36Nov 18, 2025Updated 4 months ago
• Ajqx255 / OSCP

  View on GitHub
  OSCP Prep notes
  ☆14Oct 18, 2020Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• drak3hft7 / OSCP-Exam-Report-Template

  View on GitHub
  Template used for my OSCP exam.
  ☆29Aug 9, 2022Updated 3 years ago
• GhostManager / cobalt_sync

  View on GitHub
  Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+
  ☆36Dec 1, 2025Updated 3 months ago
• xnl-h4ck3r / alien

  View on GitHub
  Your favourite chest/terminal bursting buddy!
  ☆18Nov 27, 2021Updated 4 years ago
• rudSarkar / Payloads

  View on GitHub
  Exploits for different vulnerabilities
  ☆13Nov 29, 2021Updated 4 years ago
• 0x3rhy / GetClipboard

  View on GitHub
  Cobalt Strike Get clipboard plugin
  ☆15Aug 11, 2023Updated 2 years ago
• JoyGhoshs / NotesYouDontNeed

  View on GitHub
  Some Notes because i am too lazy to search
  ☆13May 10, 2021Updated 4 years ago
• m4ll0k / BBTz

  View on GitHub
  BBT - Bug Bounty Tools (examples💡)
  ☆1,887Apr 5, 2024Updated last year
• hackedbyagirl / OSCP

  View on GitHub
  OSCP Preperation
  ☆14Aug 12, 2021Updated 4 years ago
• emadshanab / DIR-WORDLISTS

  View on GitHub
  Some wordlists collected form github to all bug bounty hunters.
  ☆40Jul 30, 2021Updated 4 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• shelld3v / flydns

  View on GitHub
  Related subdomains finder
  ☆28May 18, 2022Updated 3 years ago
• hahwul / can-i-protect-xss

  View on GitHub
  Everything about xss protection technology
  ☆14Oct 22, 2019Updated 6 years ago
• santosomar / kev_checker

  View on GitHub
  A basic Python program to check Cybersecurity & Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) Catalog
  ☆24Jun 13, 2023Updated 2 years ago
• blacklanternsecurity / public-dns-servers

  View on GitHub
  A CI/CD-verified list of the internet's known-good public DNS servers (from public-dns.info) Updated weekly!
  ☆37Jan 17, 2026Updated 2 months ago
• six2dez / mobile_pentesting_guide

  View on GitHub
  Mobile Pentesting Guide (WIP)
  ☆26May 13, 2020Updated 5 years ago
• usbarmory / GoTEE-example

  View on GitHub
  GoTEE - example application
  ☆17Mar 9, 2026Updated 3 weeks ago
• JoasASantos / OSWE

  View on GitHub
  ☆17Sep 2, 2021Updated 4 years ago
• williamknows / SharpHound3

  View on GitHub
  C# Data Collector for the BloodHound Project, Version 3
  ☆37Dec 28, 2021Updated 4 years ago
• cybercdh / bucket-finder

  View on GitHub
  Reads in a list of domains or subdomains and crawls them for references to S3 buckets
  ☆10Nov 21, 2023Updated 2 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• HackWithSumit / BurpSuiteProfessional-2024

  View on GitHub
  Burp or Burp Suite is a set of tools used for penetration testing of web applications. It is developed by the company named Portswigger.
  ☆24Dec 18, 2024Updated last year
• dsopas / bugbounty-cheatsheet

  View on GitHub
  A list of interesting payloads, tips and tricks for bug bounty hunters.
  ☆13Oct 26, 2017Updated 8 years ago
• Webklex / altip

  View on GitHub
  Convert an IP into Alternative / Obfuscated versions of itself
  ☆14Aug 13, 2022Updated 3 years ago
• CunningLogic / pyDJI

  View on GitHub
  python DUML library for DJI drones
  ☆11May 11, 2020Updated 5 years ago
• ItsIgnacioPortal / XSStrike-Reborn

  View on GitHub
  Updated fork of XSStrike: The most advanced XSS scanner.
  ☆24Feb 14, 2023Updated 3 years ago
• prodigiousMind / blizzardwrap

  View on GitHub
  BlizzardWrap - A CLI tool for encoding and decoding (supports several formats/algos)
  ☆16Jun 19, 2021Updated 4 years ago
• random-robbie / angularjs-csti-scanner

  View on GitHub
  Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
  ☆11Dec 14, 2025Updated 3 months ago