Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Online tips and explain the commands, for the better understanding of new hunters..
☆36Dec 8, 2023Updated 2 years ago
Alternatives and similar repositories for bug-bounty-tips
Users that are interested in bug-bounty-tips are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Generate a cross join, also known as a Cartesian product, from the lines of the specified files. This process is useful for creating fuzz…☆21Jun 29, 2023Updated 2 years ago
- Pointer is a Fast Simple Lightweight Tool for Endpoint Discovery.☆14Dec 30, 2023Updated 2 years ago
- This script will find some basic vulns. I made this script for my daily hunting. The best feature about this script is just run it in bac…☆20Feb 19, 2024Updated 2 years ago
- Automate Nuclei scans and streamline bug hunting workflows☆21Feb 16, 2024Updated 2 years ago
- At this repo you can find any tools, tricks or templates for general penetration testing assesment☆15Apr 27, 2024Updated 2 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- A curated list of available Bug Bounty & Disclosure Programs and Write-ups.☆78Dec 3, 2023Updated 2 years ago
- Javascript file change monitoring☆18Mar 13, 2026Updated 2 months ago
- CRLF Bug scanner for WebPentesters and Bugbounty Hunters☆45Jun 9, 2023Updated 2 years ago
- Gampung tools for find nuclei template from github☆12Sep 6, 2023Updated 2 years ago
- Good resources about web security that I have read.☆28Jul 23, 2023Updated 2 years ago
- 🕵️♂️🔍 A tool with several scanning techniques that extracts live IP addresses from a list of IP addresses or CIDR notations.☆54May 14, 2023Updated 3 years ago
- All in one web Recon app☆43Jun 11, 2024Updated last year
- ☆11Jun 19, 2024Updated last year
- My useful files for penetration tests, security assessments, bug bounty and other security related stuff☆205Updated this week
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Notes taken from Android App Hacking - Black Belt Edition (UDEMY - Roman Stuehler)☆25May 19, 2024Updated 2 years ago
- Looks for parameters in urls☆34Oct 14, 2024Updated last year
- ☆18Nov 25, 2025Updated 5 months ago
- My bug bounty notes☆35Apr 10, 2021Updated 5 years ago
- A collection of Bug Bounty Tips collected from GitHub to all bug bounty hunters☆32Dec 12, 2023Updated 2 years ago
- URL Fuzzer☆21Nov 22, 2024Updated last year
- Filter URLs that match your scope file for bugbounty.☆11May 23, 2023Updated 2 years ago
- ☆16Jun 26, 2025Updated 10 months ago
- Hey there! Welcome to my collection of bug bounty and security testing resources. Whether you're just starting out or already deep into y…☆19Apr 8, 2026Updated last month
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Some Tutorials and Things to Help Bug Hunter☆31Mar 17, 2021Updated 5 years ago
- A CDN Domain Fronting Tool or Websocket Discovery written in Python☆55Mar 13, 2023Updated 3 years ago
- This repository contains fully disclosed accepted reports for the null Ahmedabad's Bug Bounty CTF.☆10Oct 31, 2023Updated 2 years ago
- Repository to store all audits from public contests, bug bounty programmes☆11Apr 23, 2024Updated 2 years ago
- ☆13Oct 24, 2024Updated last year
- A tool offering templates for streamlined bug bounty reporting☆60Jan 11, 2024Updated 2 years ago
- ☆113Apr 25, 2023Updated 3 years ago
- Recon for Pentesting and BugBounty 🕵️☆15Apr 19, 2026Updated last month
- Python package dependency confusion vulnerability POC. Impact this vulnerability is Remote code execution (RCE)☆12Apr 29, 2025Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- This Is The Ultimate Bug Bounty Automation & Web Hacking Tool That I've Created.☆28Feb 27, 2023Updated 3 years ago
- An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites…☆44Jun 28, 2022Updated 3 years ago
- A command-line utility designed to discover subdomains for a given domain in a simple, efficient way. It works by gathering information f…☆118Feb 23, 2026Updated 2 months ago
- a medium scraper that you need.☆18Nov 11, 2025Updated 6 months ago
- Bug Bounty Methodology-slides by Muhammad M. Awali. Pentesting and Researcher Talks.☆32Feb 17, 2023Updated 3 years ago
- My Notes & Resources Of Bug Bounty Checklists☆87Dec 28, 2024Updated last year
- My public findings/reports from decentralized audits, select bug bounty programs and engagements☆13Apr 22, 2026Updated 3 weeks ago