BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔
Bug Bounty ~ Awesomes | Books | Cheatsheets | Checklists | Tools | Wordlists | More
📦 An independent package manager that every hacker deserves.
Little Bug Bounty & Hacking Tools⚔️
Python library and CLI for the Bug Bounty Recon API
Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]
A Bug Bounty Platform that allows hunters to issue commands over a geo-distributed cluster. The ideal user is someone who is attempting to scan multiple bug bounty programs simultaneously, on a recurring basis.
My bug bounty notes
JSpider is a smart crawler for hidden endpoints. It crawls and extracts hidden API endpoints and URLs from JavaScript files and HTML source code - all directly in your browser.
A structured recon-only framework for bug bounty hunters, from DNS basics to JS mining, API discovery, and automation pipelines.
500+ Google Dork Operators for Security Research & Bug Bounty
This is a notification pipeline written in python, which uses a common base `notification.txt` file to connect any script to an standardized discord notification system.
DorkScan is a web app that helps bug bounty hunters and students generate Google Dork queries. Choose a role to get tailored dorks for vulnerabilities or educational resources. The tool allows custom searches, displaying clickable dorks in real-time with a clean, responsive design for easy use across devices.
This repository contains my personal notes and methodologies related to Bug Bounty and Web Security, including: Recon methodologies (general + personal workflows) Techniques to find hidden assets Various attack vectors
🔍 Generate powerful Google and Bing dorks for reconnaissance and OSINT quickly with this lightweight frontend tool.
Maximize your bounty hunting with 6qlzHunter – a powerful vulnerability scanner
A lightweight Firefox extension designed for Bug Bounty Hunters and Penetration Testers to automatically harvest, filter, and export domain names and subdomains from web pages during the reconnaissance phase.
Crawler for Github repositories. Finds all the broken links from the repositories
All-in-one Dockerized recon toolkit for security researchers — combines Subfinder, Sublist3r, MassDNS, dnsx, Assetfinder, and Nmap for comprehensive domain and subdomain intelligence gathering.
One solution for all bug bounty passive & active unauthenticated reconnaissance
Add a description, image, and links to the bug-bounty-recon topic page so that developers can more easily learn about it.
To associate your repository with the bug-bounty-recon topic, visit your repo's landing page and select "manage topics."