#
bugbounty
Here are 394 public repositories matching this topic...
Updates to this repository will continue to arrive until the number of links reaches 10000 links & 10000 pdf files. Learn Ethical Hacking and penetration testing. Hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources.
windows
linux
awesome
osint
malware
hacking
resources
sql-injection
csrf
awesome-list
pentesting
malware-analysis
bugbounty
kali-linux
hacking-tool
dork
information-gathering
xxe
redteam
osint-resources
Updated Jul 8, 2020
Automated pentest framework for offensive security experts
dns
osint
scanner
nuke
hacking
subnet
shellshock
vulnerability
pentesting
scans
recon
vulnerabilities
bugbounty
pentest
automated
kali-linux
metasploit
sn1per
sn1per-professional
xerosecurity
Updated Jul 5, 2020 - Shell
Fully automated offensive security framework for reconnaissance and vulnerability scanning
osint
hacking
subdomain
penetration-testing
bugbounty
scanning
hacking-tool
information-gathering
security-tools
reconnaissance
pentest-tool
osmedeus
Updated Jun 11, 2020 - Python
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
attack
injection
fuzzing
sql-injection
bugbounty
payloads
fuzz
burpsuite
intruder
fuzz-lists
burpsuite-engagement
burpsuite-intruder
Updated Jun 10, 2020 - BitBake
OneForAll is a powerful subdomain collection tool
python
osint
subdomain
content-security-policy
recon
bugbounty
information-gathering
pentest-tool
zone-transfers
subdomain-scanner
nsec
subdomain-takeover
subdomain-enumeration
subdomain-bruteforcing
subdomain-crawler
subdomain-collection
subdomian-find
oneforall
altname
crossdomainxml
Updated Jul 10, 2020 - Python
chackmate
commented
Oct 6, 2018
Are subdomains hosted at Discourse vulnerable to takeover or not?
Automated NoSQL database enumeration and web application exploitation tool.
couchdb
redis
security-audit
mongodb
nosql
scanner
hacking
databases
enumeration
penetration-testing
nosql-databases
sql-injection
bugbounty
mongodb-database
offensive-security
hacktoberfest
hacking-tool
security-tools
web-application-security
security-toolset
Updated Jun 23, 2020 - Python
kingthorin
commented
Apr 2, 2020
Merge /Testing_for_Vertical_Bypassing_Authorization_Schema_WSTG-AUTHZ-00X.md into 4-Web_Application_Security_Testing/05-Authorization_Testing/03-Testing_for_Privilege_Escalation.md
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
android
ios
awesome
mobile
reverse-engineering
hacking
resources
awesome-list
pentesting
bugbounty
android-security
mobile-security
ios-security
security-tools
redteam
hacking-tools
Updated Jun 29, 2020
Open
Cleanup & Comment
sa7mon
commented
Jan 15, 2020
- Choose a consistent docstring format and lint (with pylint, probably)
- Try to organize files into directories:
  - tests/
  - models/
xss
xss-vulnerability
xss-scanners
bugbounty
xss-scanner
xss-exploitation
xss-detection
payload
payloads
xss-attacks
xss-injection
websecurity
dom-based
xss-poc
cross-site-scripting
reflected-xss-vulnerabilities
website-vulnerability
xss-payloads
self-xss
xss-payload
Updated Jun 28, 2020
Penetration tests guide based on OWASP including test cases, resources and examples.
Updated Jul 11, 2020
Subdomain Takeover tool written in Go
go
golang
security
subdomain
bug-bounty
infosec
pentesting
bugbounty
takeover
hostile
subdomain-takeover
Updated May 13, 2020 - Go
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
heroku
paypal
facebook
osint
twitter
monitor
amazon
stripe
regex
realtime
mailgun
bugbounty
leaks
security-automation
security-tools
wordlists
redteam
Updated Jun 5, 2020 - Python
Security Tool to Look For Interesting Files in S3 Buckets
Updated Dec 23, 2019 - Python
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
php
alert
blind
test
bug
xss
penetration-testing
xss-vulnerability
easy-to-use
easy
bugbounty
xss-scanner
xss-exploitation
xss-detection
payload
xss-attacks
xss-injection
blind-xss
Updated Mar 19, 2020 - PHP
This challenge is Inon Shkedy's 31 days API Security Tips.
Updated Apr 12, 2020
Automatically brute force all services running on a target.
Updated Jul 2, 2020 - Shell
A curated list of bugbounty writeups (bug type wise), inspired by https://github.com/ngalongc/bug-bounty-reference
bugbounty
bughunting
bugbountytips
bugbounty-writeups
security-writeups
bugbounty-blogs
bugbounty-yahoo
bugbounty-facebook
bughunting-methodology
bughunting-writeups
Updated May 16, 2020 - Python
Burp Bounty (Scan Check Builder in BApp Store) is an extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Updated Jul 6, 2020 - Java
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
security
security-audit
scanner
hacking
penetration-testing
bugbounty
vhost
vhosts
offensive-security
virtual-hosts
hacking-tool
discovery-service
ctf-tools
reverse-lookups
security-tools
web-application-security
oscp
penetration-test
hackthebox
virtual-host
Updated Apr 28, 2020 - Python
A fast port scanner written in Go with focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests.
Updated Jul 9, 2020 - Go
Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.
Updated Jul 11, 2020 - Go
StaCoAn is a cross-platform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Updated May 23, 2019 - JavaScript
Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
Updated Feb 10, 2020 - Shell
It would be great if we added a solution to each section that protects your code/server.
For example, a PHP script that sanitises request strings against all attacks.