-
oauth-sniper Public
Tool to scan across multiple bug bounty programs for OAuth implementations
-
ars0n-framework-v2-scan-data Public
A repo to store public scan data for my bug bounty hunting framework.
-
ars0n-framework-v2 Public
Bug Bounty Hunting Framework Designed to Help Beginners Compete w/ the Pros
-
c-no-3v1l Public
Blind Cross-Site Scripting (XSS) Testing Tool For Bug Bounty Hunters Using AWS
-
acog Public
Search across all public HackerOne programs for targets based on vulnerability class
-
repoleak Public
A scanner for bug bounty hunters to find leaked secrets in public resources
-
Learning materials, vulnerable demo app, and scripts related to the Client-Side Injections Part II YouTube Video
-
cloud_enum Public
Forked from initstring/cloud_enumMulti-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
-
-
websocket-fuzzer Public
A simple golang script that sends the same websocket message repeatedly to a single URI
-
ars0n-framework Public
A Modern Framework for Bug Bounty Hunting
-
populate-burp Public
A go script designed to quickly populate Burpsuite from a list of URLs
-
-
collect-bchecks Public
A simple bash script that downloads a collection of BChecks from various sources and consolidates them into a single directory.
-
learning-go Public
A collection of scripts and applications I'm building as part of my effort to learn Go better
-
The repo contains all the the notes, slides, and study material for my workshop at DEFCON 32 at the Bug Bounty Village
-
XSS-Filter-Bypass-Lab Public
A simple, intentionally vulnerable node application with a variety of Cross-Site Scripting vulnerabilities.
-
ars0n-framework-scans Public
A repository to store data from completed scans in The Ars0n Framework
-
Juice-Shop-SAST-Test Public
Custom version of Juice Shop to test SAST tools
-
-
Damn_Vulnerable_Node_App Public
This node application is 1000% secure.
-
ars0n-framework-srt Public
A lightweight version of my bug bounty hunting framework designed to be run on Synack's LP+ machines.
-
Custom_Vuln_Scan_Templates Public
A collection of custom built scan templates for automated vuln scanning (nuclei, Burp, etc.)
-
WAPT_Framework Public
A Web Application Penetration Testing Framework build in React with an Node/Express/MongoDB back-end
-
Wildfire-Toolkit Public
A collection of automation scripts for bug bounty hunting.
-
-
AppSec-Labs Public
Files, notes, and walkthroughs for a variety of web application security labs (HTB, VulnLab, etc.)
-
Bug_Scraper Public
A tool for bug bounty researchers to identify valid domains and urls in public HackerOne/BugCrowd programs
-
The-Prospector Public
Full-stack Django application designed to help sales teams for service providers discover and track opportunities based on job postings.
-
{{ message }}