oneplus-x / The-Bug-Hunters-Methodology
Welcome! This repo is a conglomeration of tips, tricks, tools, and data analysis to use while doing web application security assessments, and more specifically towards bug hunting in bug bounties.
β13Updated 5 years ago
Related projects β
Alternatives and complementary repositories for The-Bug-Hunters-Methodology
- commandsβ27Updated 4 years ago
- π― SQL Injection Payload Listβ10Updated 3 years ago
- KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Poβ¦β58Updated 3 years ago
- Stuff for bug bountyβ26Updated last year
- It grep subdomains, email/username, build custom wordlist etc from gau resultsβ45Updated 2 years ago
- Cool HackerOne Reportsβ18Updated 2 years ago
- basic bbtools , buggy , not recommended to useβ34Updated 4 months ago
- ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be β¦β58Updated 2 years ago
- SubzzZ to find possible subdomains using passive recon. Tool also support Permutations, Mutations, Alterations.β38Updated 3 years ago
- Magic Header Blind Xss tool (deliver blind xss payloads in request headers).β27Updated 3 years ago
- Basic Bash Script to scrape all subdomains from crtsh in a single runβ18Updated 2 years ago
- β32Updated last year
- β12Updated 2 years ago
- 3klector is an automation Recon tool which collecting information about Acquisitions and ASN which related to Big Scope companyβ49Updated 2 years ago
- Check Listβ73Updated 2 years ago
- An Automation Tool Written in Python which uses Twitter and GitHub APIβ17Updated 2 years ago
- β28Updated 11 months ago
- Collection of web app methodology from initial recon into exploit known vulnerability. Used when conducting Bug Bounty, Penetration Testiβ¦β13Updated 3 years ago
- IIS shortname scanner + bruteforceβ49Updated 9 months ago
- Automated blind-xss search for Burp Suiteβ24Updated 2 years ago
- This tool is a simple LFI, RFI, RCE, and Joomla Components vulnerability scanner, created by JayCyberSecurityβ22Updated 2 years ago
- S3 Recon tips and tricks collected from different resources,Sorry if i missed to mention all resources ownersβ26Updated 3 years ago
- Mini recon script to identify the links and sensitive information from a particular linkβ19Updated 3 years ago
- My nots from Web application Hacker's Handbookβ17Updated 2 years ago
- s3 brute force toolβ44Updated 3 years ago
- Guide to SSRFβ65Updated last year
- Power of .bashrc and .bash_aliasesβ32Updated 2 years ago
- A small script for my recon during bug hunting. Needs some modificationsβ17Updated 4 years ago
- Resolvers updated daily for reconftwβ46Updated last year
- The project aims at creating target-specific wordlists for any web application that you are testing.β63Updated 2 years ago