A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
OWASP BLT is a collection of security tools.
The First Open Source Bug Bounty Platform
📝Blogs Section of my Website
Listen. Learn. Interact. Powered by open-source magic and AI.
📜 tool offline en el navegador para organizar, filtrar y abrir informes de bug bounty. permite crear categorías, añadir notas, asignar prioridades y gestionar urls con persistencia en localstorage.
📜 Bug Bounty Arsenal es un repositorio que concentra en un solo lugar todo lo necesario para la caza de vulnerabilidades web: metodologías de expertos, estándares internacionales, técnicas avanzadas de recon, bypass de WAF, explotación y plantillas de informes.
📜 Métodos HTTP Aceptados y Header — Catálogo interactivo y buscador de métodos HTTP (GET…MKCOL) para developers y pentesters.
OWASP Foundation Web Respository
📜 Visor/gestor local con tablas, buscador y notas para mapear vulnerabilidades ↔ encabezados HTTP. 100% sin conexión (HTML): filtra tu lista de verificación de hallazgos por Cliente, Servidor y Otras vulnerabilidades.
Bug Hunting Toolkit v2.0
A collection of subdomains to help ethical hackers and security researchers
A practical tool to track and manage web app security tests.
Exploring Cybersecurity: Bugs, Bypasses & the Dark Web
Un scanneur multipurpose pour le bugbounty
CTF and Bug Bounty Hunting WriteUps.
Sploit -- All-in-one, AI-powered cybersecurity toolkit for web, network, and phishing tests. Modular, cross-platform, Docker-ready, with GUI & CLI. Open source by AUX-441 Team.
A Hands-On DOM Cross-Site Scripting (XSS) Learning Lab
Introducing "Dork Engine" – the ultimate bug bounty tool! Open multiple Google Dorks with a click, making vulnerability discovery and sensitive info hunting faster and easier. Boost your bug bounty game!
Real-world web vulnerability reports including SQL Injection (SQLi), Cross-Site Scripting (XSS), CSRF, and session hijacking. Created in HTML & CSS for professional documentation.