A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
A collection of various awesome lists for hackers, pentesters and security researchers
Web path scanner
A list of resources for those interested in getting started in bug bounties
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
A Workflow Engine for Offensive Security
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
A collection of awesome one-liner scripts especially for bug bounty tips.
This challenge is Inon Shkedy's 31 days API Security Tips.
A Security Tool for Bug Bounty, Pentest and Red Teaming.
Subdomain Takeover tool written in Go
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Semi-automatic OSINT framework and package manager
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
API Security Project aims to present unique attack & defense methods in API Security field
OSINT tools and more but without API ke
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
