Get the scope of your bugcrowd programs
☆67Dec 4, 2020Updated 5 years ago
Alternatives and similar repositories for bcscope
Users that are interested in bcscope are comparing it to the libraries listed below
Sorting:
- Tiny library to parse the subdomain, domain, and tld extension from a host string☆23Apr 1, 2022Updated 3 years ago
- Endpoint monitor tool☆21Sep 16, 2020Updated 5 years ago
- List HackerOne private program assets☆154Jun 24, 2021Updated 4 years ago
- ASN reconnaissance script☆133Jan 25, 2024Updated 2 years ago
- ☆15Dec 15, 2020Updated 5 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- Dotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs☆94Jan 21, 2021Updated 5 years ago
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- A Payload Injector for bugbounties written in go☆70Jul 18, 2020Updated 5 years ago
- ☆11Aug 27, 2020Updated 5 years ago
- A list of Awesome Bughunting oneliners , collected from the various sources☆69Aug 14, 2023Updated 2 years ago
- ☆57Sep 2, 2020Updated 5 years ago
- SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibil…☆156Aug 21, 2020Updated 5 years ago
- Repo of useful scripts☆104Jun 30, 2020Updated 5 years ago
- This repo includes my analysis of some public reports.☆55Sep 22, 2020Updated 5 years ago
- Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …☆147Apr 12, 2024Updated last year
- Unpack a JavaScript Source Map back into filesystem structure☆184Oct 9, 2020Updated 5 years ago
- Find orphaned IP's on cloud services☆29Oct 23, 2019Updated 6 years ago
- Tests for SSRF by injecting a specified location into different headers. This is a Rust port of m4ll0k's tool.☆37Jul 7, 2020Updated 5 years ago
- ☆24Jan 26, 2021Updated 5 years ago
- Signatures for jaeles scanner by @j3ssie☆117Apr 20, 2024Updated last year
- Weaponizing Live CT logs for automated monitoring of assets☆134Sep 12, 2021Updated 4 years ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆52Jul 14, 2021Updated 4 years ago
- Turbo Intruder Scripts☆228Jun 11, 2020Updated 5 years ago
- Get all the CNs from a list of domains☆45Aug 17, 2021Updated 4 years ago
- Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations☆394Jun 17, 2020Updated 5 years ago
- ☆13Feb 26, 2021Updated 5 years ago
- ☆38Nov 27, 2020Updated 5 years ago
- whoareyou is a tool to find the underlying technology/software used in a list of websites passed through stdin (using Wappalyzer dataset)☆32Jun 15, 2020Updated 5 years ago
- A tool for append URLs, skipping duplicates/paths & combine parameters.☆128Mar 2, 2022Updated 3 years ago
- Secret and/or credential patterns used for gf.☆243Feb 10, 2023Updated 3 years ago
- ☆105Oct 18, 2020Updated 5 years ago
- Tool to try multiple paths for PHPunit RCE CVE-2017-9841☆29Oct 18, 2021Updated 4 years ago
- Tool to extract & validate google fcm server keys from apks☆29Jan 20, 2021Updated 5 years ago
- Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin�☆45Mar 13, 2023Updated 2 years ago
- A tool to check a bunch of URLs that contain reflecting params.☆598Aug 4, 2024Updated last year
- It contain google dork to find the wsdl file.☆13May 27, 2020Updated 5 years ago
- nxdomain subdomain enumeration☆10Jul 17, 2022Updated 3 years ago
- Try to detect HTTP desync attack (https://portswigger.net/blog/http-desync-attacks-request-smuggling-reborn)☆11Sep 20, 2019Updated 6 years ago