Alternatives and similar repositories for BugBounty

Users that are interested in BugBounty are comparing it to the libraries listed below

• jiangsir404 / Xss-Sql-Fuzz
  burpsuite 插件对GP所有参数(过滤特殊参数)一键自动添加xss sql payload 进行fuzz
  ☆63Updated 7 years ago
• guguyu1 / IDOR-bypass-fuzz
  IDOR bypass fuzz 权限绕过burp 插件 fuzz （shiro 等）
  ☆27Updated 4 years ago
• theLSA / burp-sensitive-param-extractor
  burpsuite extension for check and extract sensitive request parameter
  ☆114Updated 5 years ago
• TheKingOfDuck / Copy2Java
  一键生成Java代码的burp插件/Generate Java script for fuzzing in Burp。
  ☆51Updated 3 years ago
• zer0yu / Open-PoC
  PoC for pocsuite3 and nuclei
  ☆56Updated 3 years ago
• gh0stkey / FuckAnywhere
  FuckAnywhere - 这是一个BurpSuite Jython（Python）插件，用于在HTTP请求中随处插入你想要进行测试的代码。
  ☆51Updated 3 years ago
• bit4woo / burp-api-common
  common methods that used by my burp extension projects
  ☆52Updated last year
• m01e-40x / MyJSPWebshell
  My collection of various of JSP Webshell.
  ☆37Updated 3 years ago
• cyal1 / host_scan
  这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。https://github.com/fofapro/Hosts_scan implement in Go
  ☆116Updated 3 years ago
• zrools / tools
  ☆32Updated 5 years ago
• lz2y / CVE-2021-2394
  POC of CVE-2021-2394
  ☆40Updated 4 years ago
• jas502n / SpringBoot_Actuator_RCE
  SpringBoot_Actuator_RCE
  ☆95Updated 5 years ago
• mishmashclone / GrrrDog-Java-Deserialization-Cheat-Sheet
  https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
  ☆54Updated 4 years ago
• xiecat / sylas
  根据多个不同地区进行聚合查询以获取更多 fofa 数据
  ☆28Updated 2 years ago
• timwhitez / Frog-Submon
  🐸Subdomain Monitor, 子域名监控
  ☆77Updated 4 years ago
• DVPNET / Report_Public
  DVPNET 公开漏洞知识库
  ☆93Updated 4 years ago
• anneviliu / awvs_xray_url_batch-import
  用于解决awvs和xray联动时url批量导入并扫描的小脚本
  ☆16Updated 5 years ago
• LandGrey / xxe-ftp-server
  xxe oob receive file via web and ftp server
  ☆103Updated 6 years ago
• NS-Sp4ce / Inspur
  Inspur vul repo
  ☆34Updated 4 years ago
• fairyming / CVE-2020-8840
  CVE-2020-8840：FasterXML/jackson-databind 远程代码执行漏洞
  ☆37Updated 5 years ago
• sv3nbeast / One_Monitor
  为OneForAll增加一个新增域名监控插件（One_Monitor）
  ☆13Updated 5 years ago
• bit4woo / secqa
  解答开发关于安全漏洞的常见问题
  ☆41Updated 5 years ago
• pochubs / Log4j2Scan-1
  Log4j2 RCE Passive Scanner plugin for BurpSuite
  ☆35Updated 4 years ago
• insightglacier / IMAP_Bruteforce
  IMAP Bruteforce Script
  ☆30Updated 5 years ago
• YoungRichOG / WhoisSubdomain
  通过Whois信息发现更多与目标有关联的域名，扩大攻击面
  ☆14Updated 3 years ago
• zwjjustdoit / Xstream-1.4.17
  XSTREAM<=1.4.17漏洞复现（CVE-2021-39141、CVE-2021-39144、CVE-2021-39150）
  ☆62Updated 4 years ago
• pmiaowu / BurpHttpForwardRequests
  burp-http请求转发至其他模块的插件
  ☆76Updated 5 years ago
• theLSA / f5-bigip-rce-cve-2020-5902
  F5 BIG-IP RCE CVE-2020-5902 automatic check tool
  ☆62Updated 5 years ago
• MisakiKata / crawlergo_sub
  子域名监控式漏扫
  ☆40Updated 5 years ago
• yueshenyuan / JS-share
  一款支持微信和QQ、UC手机浏览器的分享工具，可以自定义标题、链接、icon等
  ☆11Updated 7 years ago