This repo contains different variants of Bug Bounty & Security & Pentest & Tech related Articles
☆56Jan 7, 2025Updated last year
Alternatives and similar repositories for bug-bounty-writeup
Users that are interested in bug-bounty-writeup are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆18Jul 21, 2025Updated 9 months ago
- A collection of slides and presentations from BSides Ahmedabad 2024, held on October 12th and 13th. This repository features key insights…☆39Oct 17, 2024Updated last year
- Bypass Reset Password Code Lead to Account Takeover☆26Sep 16, 2024Updated last year
- A CLI tool to extract, analyze, and filter JavaScript links from web pages or URLs, with regex matching and structured JSON output.☆19Jan 6, 2025Updated last year
- All About XSS☆16Oct 23, 2022Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Tools and methods that I personally use for Recon and Exploitations☆53May 1, 2025Updated last year
- All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)☆305Mar 12, 2024Updated 2 years ago
- Automated GitHub secret scanning with smart alerting & monitoring.☆31Jan 15, 2026Updated 3 months ago
- Firebase_Checker is Python tool to analyze APK files and web applications for Firebase-related vulnerabilities. This tool identifies secu…☆57Nov 6, 2025Updated 6 months ago
- SAPLAR - LFI & Path Traversal Scanner☆15Mar 11, 2025Updated last year
- Modern real world bug bounty payloads and exploitation techniques with may earn you some $$$.☆30Nov 7, 2023Updated 2 years ago
- A proof of concept program that pulls and parses security.txt files at mass.☆29May 31, 2023Updated 2 years ago
- Blind XSS SVG☆10Mar 27, 2023Updated 3 years ago
- Scrape files for sensitive information, and generate an interactive HTML report. Based on Rabin2.☆17Feb 25, 2026Updated 2 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- 🎯 Chrome Extension - Passive scanner for Dependency Confusion vulnerabilities in npm/PyPI packages☆33Jan 31, 2026Updated 3 months ago
- Contains nuclei templates for security testing and POCs.☆17Oct 19, 2024Updated last year
- Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…☆29Jul 21, 2024Updated last year
- ☆208Feb 5, 2025Updated last year
- This Tool To Test Machine Keys In View State☆86Oct 11, 2024Updated last year
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Apr 9, 2026Updated last month
- ☆29May 22, 2024Updated last year
- ☆23Aug 9, 2025Updated 8 months ago
- Attempt zone transfers on domains☆18Jul 12, 2021Updated 4 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆16Jul 17, 2024Updated last year
- Repo containing walkthroughs to possibly pwn Admin Panels and Exposed Consoles☆17Sep 20, 2024Updated last year
- Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.☆12Feb 3, 2024Updated 2 years ago
- Zzl is a reconnaissance tool that collects subdomains from SSL certificates in IP ranges☆44Oct 27, 2024Updated last year
- Tutorials and Things to Do while Hunting Vulnerability.☆13Aug 30, 2022Updated 3 years ago
- anveshan is a completed script that helps to automate your recon process, It finds subdomains, urls, js files, parameters, screenshots, a…☆30Oct 29, 2024Updated last year
- ☆50Oct 1, 2025Updated 7 months ago
- Python Script to Print the name of the companies that are acquired by a Target Company and the Time of Acquisition.☆26Dec 5, 2021Updated 4 years ago
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆294Apr 9, 2024Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Monitor your target continuously for new subdomains!☆25Mar 18, 2023Updated 3 years ago
- ☆45Mar 5, 2025Updated last year
- Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection☆14Nov 1, 2024Updated last year
- Springboot detection☆23Nov 8, 2021Updated 4 years ago
- Athenz is a role-based authorization (RBAC) system for provisioning and configuration (centralized authorization) use cases as well as se…☆13Oct 29, 2019Updated 6 years ago
- ☆40Jun 5, 2021Updated 4 years ago
- My Powershell notes☆16Sep 27, 2022Updated 3 years ago