Alternatives and similar repositories for BugBounty

Users that are interested in BugBounty are comparing it to the libraries listed below

• bit4woo / burp-api-common
  common methods that used by my burp extension projects
  ☆52Updated last year
• mishmashclone / GrrrDog-Java-Deserialization-Cheat-Sheet
  https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
  ☆52Updated 4 years ago
• guguyu1 / IDOR-bypass-fuzz
  IDOR bypass fuzz 权限绕过burp 插件 fuzz （shiro 等）
  ☆27Updated 4 years ago
• jiangsir404 / Xss-Sql-Fuzz
  burpsuite 插件对GP所有参数(过滤特殊参数)一键自动添加xss sql payload 进行fuzz
  ☆63Updated 7 years ago
• jas502n / SpringBoot_Actuator_RCE
  SpringBoot_Actuator_RCE
  ☆96Updated 5 years ago
• zer0yu / Open-PoC
  PoC for pocsuite3 and nuclei
  ☆56Updated 3 years ago
• theLSA / burp-sensitive-param-extractor
  burpsuite extension for check and extract sensitive request parameter
  ☆114Updated 5 years ago
• cyal1 / host_scan
  这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。https://github.com/fofapro/Hosts_scan implement in Go
  ☆115Updated 3 years ago
• pochubs / Log4j2Scan-1
  Log4j2 RCE Passive Scanner plugin for BurpSuite
  ☆35Updated 3 years ago
• sv3nbeast / One_Monitor
  为OneForAll增加一个新增域名监控插件（One_Monitor）
  ☆13Updated 5 years ago
• TheKingOfDuck / Copy2Java
  一键生成Java代码的burp插件/Generate Java script for fuzzing in Burp。
  ☆51Updated 3 years ago
• xiecat / sylas
  根据多个不同地区进行聚合查询以获取更多 fofa 数据
  ☆28Updated 2 years ago
• zwjjustdoit / Xstream-1.4.17
  XSTREAM<=1.4.17漏洞复现（CVE-2021-39141、CVE-2021-39144、CVE-2021-39150）
  ☆62Updated 4 years ago
• YoungRichOG / WhoisSubdomain
  通过Whois信息发现更多与目标有关联的域名，扩大攻击面
  ☆14Updated 3 years ago
• xawdxawdx / sentrySSRF
  Tool to searching sentry config on page or in javascript files and check blind SSRF
  ☆71Updated last year
• timwhitez / Frog-Submon
  🐸Subdomain Monitor, 子域名监控
  ☆77Updated 4 years ago
• DVPNET / Report_Public
  DVPNET 公开漏洞知识库
  ☆93Updated 4 years ago
• bigstrong2021 / automated-subdomain-takeover
  ☆26Updated last year
• 0xmin / awvs-scan
  awvs-scan 是一款调用 AWVS 13.x API 的自动化工具
  ☆26Updated 3 years ago
• Maskhe / BugBountyNotes
  简单记录下自己在挖掘SRC
  ☆32Updated 5 years ago
• MisakiKata / crawlergo_sub
  子域名监控式漏扫
  ☆40Updated 5 years ago
• gh0stkey / FuckAnywhere
  FuckAnywhere - 这是一个BurpSuite Jython（Python）插件，用于在HTTP请求中随处插入你想要进行测试的代码。
  ☆51Updated 3 years ago
• yueshenyuan / JS-share
  一款支持微信和QQ、UC手机浏览器的分享工具，可以自定义标题、链接、icon等
  ☆11Updated 7 years ago
• jas502n / xxl-job
  xxl-job RESTful API RCE
  ☆74Updated 4 years ago
• bit4woo / secqa
  解答开发关于安全漏洞的常见问题
  ☆41Updated 5 years ago
• lz2y / CVE-2021-2394
  POC of CVE-2021-2394
  ☆40Updated 4 years ago
• zrools / tools
  ☆32Updated 5 years ago
• anneviliu / awvs_xray_url_batch-import
  用于解决awvs和xray联动时url批量导入并扫描的小脚本
  ☆16Updated 5 years ago
• BurnyMcDull / fofa-spider
  fofa-spider
  ☆12Updated 4 years ago
• jas502n / GitlabVer
  gitlab version index
  ☆64Updated 4 years ago