A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
This repo Gathers all available cve exploits from github.
# ScriptSniffer**ScriptSniffer** is a Python tool that extracts relative URLs from online JavaScript files and saves them as absolute URLs in a text file. Easy to use, this tool streamlines your workflow with a simple command-line interface. 🐙✨
BBtool is a user-friendly penetration testing tool designed for security researchers and ethical hackers. It integrates multiple security testing tools into one interface, making vulnerability discovery efficient and straightforward. 🛠️🌐
Dutch Government Bugbounty scope, subdomains and endpoints
🤖 LLM-powered agent for automated JS analysis in bug hunting & pentesting.
**Byakugan Finder** 👁️ is a fast and efficient **admin panel scanner** that helps penetration testers discover hidden login pages on websites. Inspired by the **Byakugan** from *Naruto*, it uses **multithreading** for speed, supports **custom wordlists**, and saves results automatically. ⚡ Perfect for ethical hacking and security testing! 🚀
This Python-based GUI application allows you to track the latest security vulnerabilities (CVEs) using the
A powerful Python tool for identifying Insecure Direct Object Reference (IDOR) vulnerabilities in Burp Suite traffic exports.
🕷️ Uncover secrets and analyze JavaScript with jsrip, a fast tool for bug hunters and researchers to crawl, download, and reveal hidden data.
🛡️ Scan for web vulnerabilities with HunterKit, a professional-grade tool designed for bug bounty hunters and security experts to enhance online safety.
🛠️ Develop and analyze exploits with LabExploit, a security research tool featuring built-in safety controls for authorized use only.
🔍 Streamline reconnaissance with Recon-WebUI, a modular toolkit featuring both a CLI and a user-friendly web interface for domain and IP analysis.
🕵️♂️ Discover and extract endpoints, subdomains, and GraphQL queries effortlessly with this Burp Suite extension for efficient passive reconnaissance.
🔍 Explore top hacker and OSINT search engines with this modern GUI toolkit designed for efficient information gathering and analysis.
🕵️♂️ Test for XSS vulnerabilities instantly using a GUI tool that scans URL parameters and forms against thousands of payloads with ease.
RoboBack is a CLI tool that fetches historical robots.txt files from the Wayback Machine, helping OSINT and bug bounty teams track crawling policies over time 🤖.
Ai-NmapX — Parallel Nmap wrapper with AI-assisted analysis & clean HTML reports
Lightweight HTTP Server with Public Exposure for Pentesting, Red Teaming and Bughunting (Linux)
This script automates the setup process for bughunting by installing all the essential tools at once. (portable toolkit)
AI Smart Contract Security Analysis and PoC Generation Framework