Welcome to the 403 and 401 Bypass Techniques and Bug Bounty Tips repository! This repo is a collection of methods and strategies to bypass 403 and 401 HTTP response codes, along with various tips and tricks for bug bounty hunting. If you're passionate about finding vulnerabilities and improving security, this is the right place for you!
☆19Dec 26, 2024Updated last year
Alternatives and similar repositories for BugBountyTips
Users that are interested in BugBountyTips are comparing it to the libraries listed below
Sorting:
- aiohttp LFI (CVE-2024-23334)☆27Mar 19, 2024Updated last year
- bring shodan facets into your terminal without API key.☆96Oct 21, 2025Updated 4 months ago
- I-Espresso is a tool that enables users to generate Portable Executable (PE) files from batch scripts. Leveraging IExpress, it demonstrat…☆84Oct 17, 2024Updated last year
- CVE-2023-6063 (WP Fastest Cache < 1.2.2 - UnAuth SQL Injection)☆29Nov 15, 2023Updated 2 years ago
- See README.txt for usage instructions. Use http://www.openwall.com/lists/john-users/ for support.☆17Aug 31, 2018Updated 7 years ago
- A JavaScript Secret Finder tool.☆34Nov 3, 2025Updated 4 months ago
- BeeXSS is a specialized automated tool designed to detect Blind XSS (Cross-Site Scripting) vulnerabilities in web applications.☆37Dec 3, 2024Updated last year
- Contains nuclei templates for security testing and POCs.☆17Oct 19, 2024Updated last year
- RobinHood - Bug Hunting Recon Automation Script☆37Nov 18, 2022Updated 3 years ago
- Nuclei Templates☆14Jan 13, 2023Updated 3 years ago
- This script automates SQL injection testing using SQLMap with AI-powered decision making.☆29Jun 13, 2025Updated 8 months ago
- ☆20Jan 9, 2024Updated 2 years ago
- Exploits with pwntools library in Python3. ROP, BOF, SHELLCODE.☆20Feb 2, 2024Updated 2 years ago
- This repository contains combined exploits for two vulnerabilities in Moodle, a widely used open-source learning management system (LMS)☆18Mar 13, 2024Updated last year
- GitIntel is a robust GitHub OSINT tool crafted to reveal concealed insights from GitHub repositories and user profiles. Its capabilities …☆15Jan 29, 2025Updated last year
- ☆18Nov 8, 2025Updated 3 months ago
- Firebase_Checker is Python tool to analyze APK files and web applications for Firebase-related vulnerabilities. This tool identifies secu…☆55Nov 6, 2025Updated 3 months ago
- CVE-2024-2879 - LayerSlider 7.9.11 - 7.10.0 - Unauthenticated SQL Injection☆23Apr 8, 2024Updated last year
- Online-Crawler-Wayback-Machine☆27Oct 15, 2024Updated last year
- zyxel_ipc_camera_pwn☆21Dec 31, 2022Updated 3 years ago
- Oty is a fast, customizable, CLI tool designed to streamline your Bug Bounty and Pentesting workflows. Powered by a simple yet flexible Y…☆28Jan 27, 2025Updated last year
- XML-RPC Vulnerability Checker and Directory Fuzzer☆22Sep 28, 2023Updated 2 years ago
- XSS-Freak is an xss scanner fully written in python3 from scratch. it is one of its kind since it crawls the website for all possible lin…☆26Feb 15, 2020Updated 6 years ago
- ☆59Dec 15, 2023Updated 2 years ago
- Burp Suite extension that enhances Burp Active Scan by adding template engine specific SSTI payloads.☆24Feb 20, 2024Updated 2 years ago
- log4jshell vulnerability scanner for bug bounty☆24Dec 21, 2021Updated 4 years ago
- A powerful and clean bash script to dump and extract information from Project Discovery's Chaos Project https://chaos.projectdiscovery.io…☆25Mar 31, 2022Updated 3 years ago
- Nuclei template and information about the POC for CVE-2024-25600☆31Feb 21, 2024Updated 2 years ago
- ☆22Apr 30, 2023Updated 2 years ago
- A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an a…☆57Jan 8, 2026Updated last month
- The remediation script should set the reg entries described in https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884 . The…☆27Jul 21, 2023Updated 2 years ago
- My personal collection of nuclei templates made for fuzzing.☆29Sep 6, 2024Updated last year
- ☆33Apr 23, 2023Updated 2 years ago
- A proof of concept program that pulls and parses security.txt files at mass.☆29May 31, 2023Updated 2 years ago
- anveshan is a completed script that helps to automate your recon process, It finds subdomains, urls, js files, parameters, screenshots, a…☆30Oct 29, 2024Updated last year
- CVE-2023-7028☆58Jan 12, 2024Updated 2 years ago
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Dec 13, 2025Updated 2 months ago
- exfiltration/infiltration toolkit☆23Dec 20, 2023Updated 2 years ago
- CoupDeWeb is an automated web vulnerability scanner designed for security researchers and developers. It scans for potential vulnerable …☆29Oct 17, 2024Updated last year