Scripts for hunting bugs.

A CDN Domain Fronting Tool or Websocket Discovery written in Python

a medium scraper that you need.

A tool for spider multiple URLs & check for sensitive variables in code.

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Online tips and explain the commands, for the better understanding of new hunters..

Self-hosted passive subdomain continous monitoring tool.

🔒 SecurEye: Web Security Simplified SecurEye helps you keep your website safe with log analysis and IP/port scanning. Get protected now on GitHub!

This is a multi-threaded reconnaissance script written in python for bug bounty hunting.

A Python script designed to monitor bug bounty programs for any changes and promptly notify users.

SAP Knowledge Warehouse <=7.5.0 - Cross-Site Scripting

Apache OFBiz 16.11.04 is susceptible to XML external entity injection (XXE injection)

This is a tool used by several security researchers to find Open Redirect Bug

Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion

Citrix Netscaler ADC & Gateway v13.1-50.23 - Out-Of-Bounds Memory Read

Joomla! Core SQL Injection

Apache Tomcat - Open Redirect

Microsoft Windows 'HTTP.sys' - Remote Code Execution

WordPress Page Builder KingComposer <=2.9.6 - Open Redirect

This tool is used to find php info page

This tool is used to find shell history leaking