Community curated list of templates for the nuclei engine to find security vulnerabilities.

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

Gosint is a distributed asset information collection and vulnerability scanning platform

Change monitoring app that checks the content of web pages in different periods.

Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.

Discover hidden debugging parameters and uncover web application secrets

This extension will help you to detect GET/POST based XSS vulnerability in any website easily

Bug Bounty writeups, Vulnerability Research, Tutorials, Tips&Tricks

Opensource assets and vulnerability scanning tool

Jbin will gather all the URLs from the website and then it will try to expose the secret data from them such as API keys, API secrets, API tokens and many other juicy information.

My personal bug bounty toolkit.

xss development frameworks, with the goal of making payload writing easier.

Nodesub is a command-line tool for finding subdomains in bug bounty programs

A simple browser extension to quickly find interesting security-related information on a webpage.

⚡Chrome extension allows you to create lists of Google and Github dork to open multiple tabs with one click, import "scope/out of scope" from #HackerOne #Bugcrowd #Intigriti ...

A Tool for Domain Flyovers

xss-payload-list