wzqs / hackerone-reports
Top disclosed reports from HackerOne
☆12Updated 2 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for hackerone-reports
- Enhanced 403 bypass header☆21Updated 2 years ago
- JSNotify is a Python script designed to monitor JavaScript files in a specified directory for changes. This tool can be used by developer…☆18Updated 11 months ago
- BBSSRF - Bug Bounty SSRF is a powerful tool to check SSRF OOB connection☆38Updated last year
- In this repo, I have created a subdomain enumeration function that grab subdomains in deep.☆22Updated last year
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆16Updated 3 years ago
- Custom nuclei templates for bug hunting.....☆23Updated 5 months ago
- Run ffuf with the appropriate options to brute-force the directories using the awesome different wordlists.☆23Updated last year
- A simple plugin to export JS files from one or multiple targets☆39Updated 11 months ago
- IIS shortname scanner + bruteforce☆47Updated 8 months ago
- A simple utility to generate domain names with all possible TLDs☆23Updated last year
- ☆12Updated 2 years ago
- ☆27Updated last month
- A solid recon tool I use personally.☆30Updated last year
- This tool automates the process of running FFUF (Fuzz Faster U Fool) and post-processing its results to extract valid URLs. It supports b…☆34Updated this week
- Authorization-Nuclei-Templates☆37Updated last month
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆42Updated 8 months ago
- ☆15Updated 4 months ago
- Supertruder but better☆33Updated last year
- ☆20Updated last year
- A simple utility to perform reverse WHOIS lookups using whoisxml API☆35Updated last year
- A Lightning-Fast DNS Resolver written in Rust 🦀☆64Updated 6 months ago
- vīlicus is a bug bounty api dashboard☆39Updated last year
- Bug Bounty Program Discovery tool, that discovers bug Bounty Program via security.txt file by default and you can use custom dork☆15Updated 2 years ago
- Passively check for XSS character encodings☆19Updated last year
- Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…☆26Updated 3 months ago
- ☆36Updated last year
- A repository to host the subdomain wordlists from my blog https://medium.com/@nynan/what-i-learnt-from-reading-217-subdomain-takeover-bug…☆40Updated 2 years ago
- A Go tool that gets the newest PRs from projectdiscovery/nuclei-templates.☆53Updated last year