Documenting all the sources from where I'm learning Mobile(adnroid/IOS) bug bounty so if another researcher want to start with mobile bug bounty he/she don't struggle for resources

Shell 13 6 Updated Aug 13, 2025

xiv3r / Burpsuite-Professional

Latest Burpsuite Professional Version 2025.x.x

Shell 1,565 441 Updated Dec 19, 2025

l33d0hyun / XSS-Payloads

Forked from pgaijin66/XSS-Payloads

List of advanced XSS payloads

1 Updated Aug 23, 2016

reddelexc / hackerone-reports

Top disclosed reports from HackerOne

Python 5,075 920 Updated Dec 7, 2025

streaak / keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

5,978 1,185 Updated Aug 14, 2024

skylot / jadx

Dex to Java decompiler

Java 46,597 5,364 Updated Dec 22, 2025

florinpop17 / app-ideas

A Collection of application ideas which can be used to improve your coding skills.

89,025 10,177 Updated Oct 11, 2025

kamranahmedse / developer-roadmap

Interactive roadmaps, guides and other educational content to help developers grow in their careers.

TypeScript 345,906 43,538 Updated Dec 22, 2025

x1xhlol / system-prompts-and-models-of-ai-tools

FULL Augment Code, Claude Code, Cluely, CodeBuddy, Comet, Cursor, Devin AI, Junie, Kiro, Leap.new, Lovable, Manus, NotionAI, Orchids.app, Perplexity, Poke, Qoder, Replit, Same.dev, Trae, Traycer AI…

101,537 27,072 Updated Dec 19, 2025

s0md3v / be-a-hacker

roadmap for a self-taught hacker

2,346 272 Updated Dec 21, 2023

Voorivex / bb-resouces

119 28 Updated Dec 26, 2023

swisskyrepo / PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Python 73,444 16,398 Updated Dec 12, 2025

s0md3v / AwesomeXSS

Awesome XSS stuff

JavaScript 5,038 778 Updated Oct 30, 2024

nahamsec / Resources-for-Beginner-Bug-Bounty-Hunters

A list of resources for those interested in getting started in bug bounties

11,677 2,005 Updated Jul 23, 2024

sleeyax / burp-awesome-tls

Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.

Java 1,690 105 Updated Dec 15, 2025

sfewer-r7 / CVE-2025-22457

PoC for CVE-2025-22457 - A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways

Ruby 70 15 Updated Apr 25, 2025

jaiswalakshansh / Facebook-BugBounty-Writeups

Collection of Facebook Bug Bounty Writeups

685 125 Updated Sep 3, 2025

sushiwushi / bug-bounty-dorks

List of Google Dorks for sites that have responsible disclosure program / bug bounty program

1,797 472 Updated Dec 8, 2025

aszx87410 / beyond-xss

Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security

JavaScript 168 37 Updated Oct 27, 2025

0xInfection / Awesome-WAF

Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥

Python 7,125 1,142 Updated Aug 28, 2025

shreyaschavhan / regex-notes

My Notes on Regular Expressions for AWAE/OSWE.

37 8 Updated Sep 5, 2023

AnonGyt / burp-js-extractor

EXTRACTING THEM JS FILES

Python 2 1 Updated Mar 29, 2025

BlackFan / client-side-prototype-pollution

Prototype Pollution and useful Script Gadgets

1,551 216 Updated Jan 27, 2024

sayan011 / Immunefi-bug-bounty-writeups-list

curation of all(most) immunefi bug bounty writeups I could find(till now)

1,072 124 Updated Sep 20, 2025

KingOfBugbounty / KingOfBugBountyTips

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

Go 4,864 888 Updated Dec 22, 2025

Mahmudul Hasan Nisat nisatevo

Lists (9)

android testing

books

BugHunt

checklist

CS

DevOps

project

softwares (Japanese)

write-ups

Stars