Lists (2)
Stars
Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.
A community-powered collection of all known bug bounty platforms, vulnerability disclosure platforms, and crowdsourced security platforms currently active on the Internet.
GRR Rapid Response: remote live forensics for incident response
Experimental application for monitoring earthquakes world-wide in near real time. Capable of issuing its own earthquake early warnings (EEW).
self-hosted disposable email service (nodejs) using catch-all and imap
HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
A fast, simple, recursive content discovery tool written in Rust.
Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
Quickly discover exposed hosts on the internet using multiple search engines.
Asset inventory of over 800 public bug bounty programs.
A fast tool to scan CRLF vulnerability written in Go
dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!
The most exhaustive list of reliable DNS resolvers.
Tool to check for dependency confusion vulnerabilities in multiple package management systems
A list of resources for those interested in getting started in bug bounties
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given target
Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
Useful configurations for the DomLogger++ extension
Dynamic analysis framework for JavaScript
An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
Repository to store exploits created by Assetnotes Security Research team