A list of interesting payloads, tips and tricks for bug bounty hunters.
☆20Jul 8, 2024Updated last year
Alternatives and similar repositories for bugbounty-cheatsheet
Users that are interested in bugbounty-cheatsheet are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆24Mar 20, 2023Updated 3 years ago
- Methodoloy for pentesting web applications.☆10Aug 18, 2022Updated 3 years ago
- tl;tr; jhaddix bhmv5☆10Jul 2, 2020Updated 5 years ago
- ☆19Mar 13, 2022Updated 4 years ago
- Bug Hunting Handbook☆11Aug 11, 2022Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- simple HTTP(S) server for receiving webhooks and running commands☆17May 6, 2026Updated last week
- Publicly available training resources used by Security PS to train application security engineers☆10Feb 16, 2021Updated 5 years ago
- Some tools help. Some tools assist. Villani Code intervenes.☆51May 13, 2026Updated last week
- Bug Bounty Recon Automation Script -- Scan AWS IP Range Certs for Matching FQDN☆26Sep 17, 2021Updated 4 years ago
- sshchecker is a fast dedicated ssh brute-forcing tool to check ssh login on the giving IP list.☆23Feb 8, 2026Updated 3 months ago
- Python script to find URLs that could contain secrets☆13Apr 28, 2021Updated 5 years ago
- This repository is intended as a comprehensive guide to prepare for interviews focused on generative AI. It serves as a one-stop resource…☆11Dec 13, 2024Updated last year
- An evil MCP server used for redteam testing☆30Updated this week
- Sentry integration for Frappe Framework☆15Oct 4, 2024Updated last year
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- ☆19Apr 28, 2025Updated last year
- An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk☆23Jul 10, 2018Updated 7 years ago
- Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and n…☆19Jun 22, 2022Updated 3 years ago
- A Model Context Protocol (MCP) server for providing code context from git repositories☆25Nov 13, 2025Updated 6 months ago
- envil forges Nix flakes and manages stacked environments☆19Dec 11, 2025Updated 5 months ago
- ☆26Apr 12, 2025Updated last year
- Write-ups of All types Bugs☆22Apr 13, 2022Updated 4 years ago
- Fast, simple library in Go to fetch CVEs from the National Vulnerability Database feeds☆33Dec 30, 2020Updated 5 years ago
- InfraSight is a modular eBPF-based observability platform for Linux and Kubernetes environments. It provides deep visibility into system …☆36Oct 14, 2025Updated 7 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- VulnReach builds on standard SCA output by adding reachability context - proving through static analysis, taint tracking, and live runtim…☆20Apr 27, 2026Updated 3 weeks ago
- FindX is an Android phone antitheft app.☆16Nov 9, 2023Updated 2 years ago
- Implementation of Wappalyzer in Python☆53Dec 8, 2022Updated 3 years ago
- Vulnerable application for security issues demo☆19Jan 18, 2019Updated 7 years ago
- ARF is an agentic reliability intelligence platform that separates decision intelligence (OSS) from governed execution (Enterprise), enab…☆19Mar 2, 2026Updated 2 months ago
- Morning routine workflow for Claude Code - multi-stage system for daily reflection, goal review, and scheduling☆51Nov 17, 2025Updated 6 months ago
- An advanced scanner for exposed secrets in web pages, APIs, and source code.☆13Apr 22, 2025Updated last year
- Use NeoVide as a traditional terminal emulator!☆22Jan 22, 2025Updated last year
- Crawl website extract links☆58Jun 1, 2020Updated 5 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A collection of awesome one-liners for bug bounty hunting.☆59Apr 12, 2026Updated last month
- XSS scanner tool to scan a list of URLs provided in a .txt file for reflected XSS(rxss) vulnerabilities. This tool is designed to efficie…☆14Jun 29, 2024Updated last year
- Guide to SSRF☆79Oct 10, 2023Updated 2 years ago
- ☆21Oct 9, 2017Updated 8 years ago
- Cypher for Defenders: Leveraging Bloodhound Data Beyond the UI☆26Feb 8, 2024Updated 2 years ago
- Some files for bruteforcing certain things.☆27Jul 12, 2021Updated 4 years ago
- ☆24May 22, 2024Updated last year