The Repository contains various payloads, tools, tips and tricks from various hackers around the world. Please take a quick look down here ππ
β254Sep 27, 2025Updated 6 months ago
Alternatives and similar repositories for Bug-Hunting-Arsenal
Users that are interested in Bug-Hunting-Arsenal are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Tips For Bug Bounty Huntersβ86Jul 16, 2022Updated 3 years ago
- Web App bug huntingβ577Nov 26, 2025Updated 4 months ago
- Nuclei Templates - Here you will find the templates I use while huntingβ120Sep 27, 2021Updated 4 years ago
- BugBountyTipsβ414Jul 31, 2025Updated 8 months ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource loadβ295Sep 22, 2024Updated last year
- Serverless GPU API endpoints on Runpod - Bonus Credits β’ AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- BBT - Bug Bounty Tools (examplesπ‘)β1,884Apr 5, 2024Updated 2 years ago
- BugBounty_CheatSheetβ265May 11, 2023Updated 2 years ago
- A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTFβ170Mar 29, 2020Updated 6 years ago
- XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDβ¦β351Jun 17, 2023Updated 2 years ago
- AppSec Payloads Arsenal for Pentration Tester and Bug Bounty Huntersβ925Apr 1, 2026Updated 2 weeks ago
- Signatures for jaeles scanner by @j3ssieβ117Apr 20, 2024Updated last year
- A tools for JavaScript Reconβ24Jul 25, 2020Updated 5 years ago
- A repository that includes all the important wordlists used while bug hunting.β1,396Mar 11, 2023Updated 3 years ago
- Some simple scripts that I use during bug bounty hunting in Android Appsβ28Jan 30, 2025Updated last year
- Wordpress hosting with auto-scaling - Free Trial β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- The aim of this Reposiotry is to Provide the Resoursces of Learning at one place For Bug Bounty Hunters.β142Sep 18, 2023Updated 2 years ago
- Automated Web Recon Shell Scriptsβ53Dec 6, 2021Updated 4 years ago
- Nuclei templates written by geeknik. Claude is my co-pilot. π€β298Feb 24, 2026Updated last month
- A curated list of available Bug Bounty & Disclosure Programs and Write-ups.β78Dec 3, 2023Updated 2 years ago
- β38Aug 27, 2022Updated 3 years ago
- β18Apr 26, 2021Updated 4 years ago
- β29Dec 13, 2023Updated 2 years ago
- A Collection of Notes, Methodologies, POCs and everything else related to Bug Hunting.β165Jul 14, 2021Updated 4 years ago
- A simple reconnaissance framework for bug bounty huntingβ37Oct 16, 2020Updated 5 years ago
- Serverless GPU API endpoints on Runpod - Bonus Credits β’ AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Hidden input parameters finderβ19Jul 10, 2023Updated 2 years ago
- Weaponize Your Burp is a repository for automation your Bug Bounty Hunting mindset in Burp Suiteβ80Jan 13, 2023Updated 3 years ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one plβ¦β1,039Aug 23, 2025Updated 7 months ago
- For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. π‘οΈβοΈπ§β1,832Jun 9, 2024Updated last year
- Automation for javascript recon in bug bounty.β1,081Sep 9, 2023Updated 2 years ago
- β113Apr 25, 2023Updated 2 years ago
- Open Redirection Analyzerβ812Mar 5, 2023Updated 3 years ago
- A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.β1,997Sep 5, 2021Updated 4 years ago
- SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilitiesβ185Mar 2, 2021Updated 5 years ago
- Managed hosting for WordPress and PHP on Cloudways β’ AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Astra is a tool to find URLs and secrets inside a webpage/filesβ212Mar 14, 2023Updated 3 years ago
- β148Dec 23, 2022Updated 3 years ago
- Host Header Injection Checkerβ84Mar 2, 2022Updated 4 years ago
- Bugbounty Resourcesβ540May 31, 2023Updated 2 years ago
- β59Apr 8, 2021Updated 5 years ago
- Endpoint monitor toolβ21Sep 16, 2020Updated 5 years ago
- A collection of notes, checklists, writeups on bug bounty hunting and web application security.β153Jun 30, 2022Updated 3 years ago