Self-hosted bug bounty programs that are "scammy" or unethical
☆168Feb 10, 2026Updated 3 weeks ago
Alternatives and similar repositories for scammy-bbp
Users that are interested in scammy-bbp are comparing it to the libraries listed below
Sorting:
- Legitimate bug bounty programs value ethical practices and provide clear rewards to researchers for identifying security flaws☆44Sep 22, 2024Updated last year
- AI-powered ffuf wrapper☆646Dec 4, 2025Updated 3 months ago
- A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.☆777Dec 9, 2025Updated 3 months ago
- CT Log Scanner☆516Dec 26, 2025Updated 2 months ago
- ☆181Oct 15, 2024Updated last year
- ♥☆177Sep 7, 2025Updated 6 months ago
- This repository contains combined exploits for two vulnerabilities in Moodle, a widely used open-source learning management system (LMS)☆18Mar 13, 2024Updated last year
- Looks for parameters in urls☆34Oct 14, 2024Updated last year
- Tool to parse subdomains from dmarc.live☆150Apr 19, 2024Updated last year
- 10,000 H1 Disclosed Reports☆118May 10, 2024Updated last year
- AI Substitutor is an extension for Burp Suite that uses AI functionality to substitute values of HTTP request parameters and headers.☆27Apr 30, 2025Updated 10 months ago
- Gather results of dorks across a number of search engines☆280Jan 22, 2026Updated last month
- ☆520Apr 29, 2024Updated last year
- A tool to guess the rest of the shortnames provided by vulnerable IIS instances.☆41Aug 12, 2023Updated 2 years ago
- De-clutter a list of URLs☆385Feb 3, 2026Updated last month
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆21Aug 25, 2024Updated last year
- Swisscom Vulnerability Disclosure Policy & Bug Bounty Programme☆126Mar 2, 2026Updated last week
- SubOwner - A Simple tool check for subdomain takeovers.☆116Oct 18, 2024Updated last year
- 🚀 XSSFUZZ - A tool for detecting XSS vulnerabilities in web applications.☆124Sep 13, 2024Updated last year
- ☆15Mar 21, 2025Updated 11 months ago
- Gotta go fast☆154Dec 5, 2025Updated 3 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆753Dec 19, 2023Updated 2 years ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆313May 16, 2024Updated last year
- Never forget where you inject.☆298Aug 15, 2025Updated 6 months ago
- Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!☆2,552Updated this week
- 🎉 CVE Monitor v1.0☆26Jun 30, 2025Updated 8 months ago
- ☆18Jul 21, 2025Updated 7 months ago
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Dec 13, 2025Updated 2 months ago
- ☆212Jul 11, 2024Updated last year
- Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!☆1,313Updated this week
- A fast, minimalistic scanner for time-based SQL injection (SQLi) detection – built in Go.☆139May 7, 2025Updated 10 months ago
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆161Jul 2, 2024Updated last year
- Subdomains wordlist generted from subdomains of public bug bounty programs☆11Mar 25, 2025Updated 11 months ago
- Takeit is an advanced tool for detecting subdomain takeovers.☆20Aug 25, 2024Updated last year
- A powerful command-line tool for Google dorking, enabling users to uncover hidden information and vulnerabilities with advanced search qu…☆32Updated this week
- ai-based domain name generation☆128Feb 3, 2025Updated last year
- SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty☆732Jan 25, 2026Updated last month
- This Chromium extension scans the page for external iFrames, Scripts, and Styles, logs them to the console, and checks if their domains a…☆68Jan 6, 2026Updated 2 months ago
- A tool to migrate Burpsuite HTTP history to Caido☆35Apr 25, 2025Updated 10 months ago