🕵️♂️🔍 A tool with several scanning techniques that extracts live IP addresses from a list of IP addresses or CIDR notations.
Generate a cross join, also known as a Cartesian product, from the lines of the specified files. This process is useful for creating fuzzing payloads.
Leverage the power of AI to find hard to find subdomains.
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
yataf extracts secrets and paths from files or urls - its best used against javascript files
Barcha is your Swiss‑Army knife for SQL Injection reconnaissance 🔍. Written in Go, it automates: Shodan enumeration of SSL hosts 🕵️♂️ Liveness & redirect checks (ignores bad certs) 🔄 Automated Ghauri tests for each host 🛡️ SQLite logging of every scan 🔖
OSINT tools and more but without API key
🔍 Advanced parameter discovery tool for web security testing. Extract parameters from web apps with HTTP/2 support, headless browser, and intelligent filtering. Built for bug bounty hunters.
Add a description, image, and links to the bugbounty-tools topic page so that developers can more easily learn about it.
To associate your repository with the bugbounty-tools topic, visit your repo's landing page and select "manage topics."