This repo contains different variants of Bug Bounty & Security & Pentest & Tech related Articles
☆55Jan 7, 2025Updated last year
Alternatives and similar repositories for bug-bounty-writeup
Users that are interested in bug-bounty-writeup are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆18Jul 21, 2025Updated 8 months ago
- A collection of slides and presentations from BSides Ahmedabad 2024, held on October 12th and 13th. This repository features key insights…☆39Oct 17, 2024Updated last year
- Bypass Reset Password Code Lead to Account Takeover☆26Sep 16, 2024Updated last year
- A CLI tool to extract, analyze, and filter JavaScript links from web pages or URLs, with regex matching and structured JSON output.☆19Jan 6, 2025Updated last year
- All About XSS☆16Oct 23, 2022Updated 3 years ago
- Deploy open-source AI quickly and easily - Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Tools and methods that I personally use for Recon and Exploitations☆52May 1, 2025Updated 11 months ago
- All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)☆305Mar 12, 2024Updated 2 years ago
- Automated GitHub secret scanning with smart alerting & monitoring.☆31Jan 15, 2026Updated 3 months ago
- Firebase_Checker is Python tool to analyze APK files and web applications for Firebase-related vulnerabilities. This tool identifies secu…☆56Nov 6, 2025Updated 5 months ago
- SAPLAR - LFI & Path Traversal Scanner☆15Mar 11, 2025Updated last year
- Modern real world bug bounty payloads and exploitation techniques with may earn you some $$$.☆30Nov 7, 2023Updated 2 years ago
- A proof of concept program that pulls and parses security.txt files at mass.☆29May 31, 2023Updated 2 years ago
- Blind XSS SVG☆10Mar 27, 2023Updated 3 years ago
- Scrape files for sensitive information, and generate an interactive HTML report. Based on Rabin2.☆17Feb 25, 2026Updated last month
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- 🎯 Chrome Extension - Passive scanner for Dependency Confusion vulnerabilities in npm/PyPI packages☆31Jan 31, 2026Updated 2 months ago
- Contains nuclei templates for security testing and POCs.☆17Oct 19, 2024Updated last year
- Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…☆29Jul 21, 2024Updated last year
- ☆208Feb 5, 2025Updated last year
- This Tool To Test Machine Keys In View State☆86Oct 11, 2024Updated last year
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Apr 9, 2026Updated last week
- ☆29May 22, 2024Updated last year
- ☆23Aug 9, 2025Updated 8 months ago
- Attempt zone transfers on domains☆18Jul 12, 2021Updated 4 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆16Jul 17, 2024Updated last year
- Repo containing walkthroughs to possibly pwn Admin Panels and Exposed Consoles☆17Sep 20, 2024Updated last year
- Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.☆12Feb 3, 2024Updated 2 years ago
- Tutorials and Things to Do while Hunting Vulnerability.☆13Aug 30, 2022Updated 3 years ago
- Zzl is a reconnaissance tool that collects subdomains from SSL certificates in IP ranges☆44Oct 27, 2024Updated last year
- anveshan is a completed script that helps to automate your recon process, It finds subdomains, urls, js files, parameters, screenshots, a…☆30Oct 29, 2024Updated last year
- ☆48Oct 1, 2025Updated 6 months ago
- Python Script to Print the name of the companies that are acquired by a Target Company and the Time of Acquisition.☆26Dec 5, 2021Updated 4 years ago
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆294Apr 9, 2024Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Monitor your target continuously for new subdomains!☆25Mar 18, 2023Updated 3 years ago
- An automated bug hunting tool for comprehensive reconnaissance, including subdomain enumeration, port scanning, vulnerability detection, …☆13Jun 24, 2025Updated 9 months ago
- ☆45Mar 5, 2025Updated last year
- Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection☆14Nov 1, 2024Updated last year
- Springboot detection☆23Nov 8, 2021Updated 4 years ago
- Athenz is a role-based authorization (RBAC) system for provisioning and configuration (centralized authorization) use cases as well as se…☆13Oct 29, 2019Updated 6 years ago
- ☆40Jun 5, 2021Updated 4 years ago