#

Bug Bounty

A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.

Here are 45 public repositories matching this topic...

axlcraft / domain-monitor

🌐 Monitor domain expiration dates and receive timely alerts through Email, Telegram, Discord, and Slack to safeguard your online assets.

url osint monitoring whois self-hosted bugbounty threatintel cti fbi ssl-cert threat-intelligence whois-service seizures urlooker certstream dns-monitor rdap-protocol domain-tracker

Updated Dec 18, 2025
PHP

ssl / ezXSS

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Updated Dec 14, 2025
PHP

sh377c0d3 / Payloads

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

penetration-testing bugbounty payload payloads payloads-database bugbounty-tool

Updated Dec 2, 2025
PHP

KrazePlanet / KrazePlanetLabs

XSS, SQLI, LFI, RCE Practice Labs in php

Updated Nov 26, 2025
PHP

ogh-bnz / SecPayloads

Sec-Payloads, It's a collection of multiple types of lists used during security assessments & used for bug bounty hunting or penetration testing, collected in one place. List types include xss, sqli, sensitive data patterns, fuzzing payloads, web shells, and many more.

penetration-testing bugbounty seclists payloads payloads-database

Updated Nov 17, 2025
PHP

AdliXSec / lab-LFI

Lab local sederhana untuk melakukan penetrasi testing secara manual dan legal serta berfokus pada kerentanan LFI (Local File Inclusion)

labs ctf bugbounty pentest web-exploitation lfi-exploitation

Updated Oct 8, 2025
PHP

ashifsadiq / telegram-files-bot

Telegram Cloud Bot is an open-source Telegram bot built with Laravel and React that lets you upload, organize, and share files or send messages directly from Telegram. It’s designed for seamless file management, easy setup, and supports contributions from developers of all skill levels.

laravel opensource reactjs collaboration bugbounty developers telegrambot contribute

Updated Aug 15, 2025
PHP

er4vn / TeleStrike

TeleStrike is a red team utility designed for adversary simulation and security auditing of Telegram accounts. Built for educational and authorized assessment purposes, it mimics real-world attack vectors to test resilience and response mechanisms in Telegram’s authentication layers.

python linux php osint telegram malware hacking cybersecurity recon bugbounty termux kali-linux offensive-security

Updated Aug 1, 2025
PHP

er4vn / i-Detector

Educational tool for simulating Instagram login and 2FA mechanisms. Designed for ethical hacking and cybersecurity training.

python linux php instagram social-media malware hacking cybersecurity recon bugbounty termux kali-linux offensive-security hacker

Updated Jul 29, 2025
PHP

KIRAN-KUMAR-K3 / vulnerability-payload-lists

A curated repository of categorized payloads for testing and exploiting common web vulnerabilities in ethical hacking and penetration testing.

sql xss bugbounty payloads xxe command-injection xss-payloads sqli-payloads vulnerability-testing payload-lists

Updated May 14, 2025
PHP

sudosuraj / Awesome-Bug-Bounty

This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer while hunting. It is still under development, so feel free to contribute.

bug-bounty pentesting bugbounty mobile-security websecurity ecorp bugbountytips vapt bugbounty-tool sudosuraj ecorpsecurity helping-hackers

Updated Apr 25, 2025
PHP

solo10010 / BugBounty-Hub

🌌 BugBounty Hub: Your one-stop destination for Bug Bounty excellence! Explore Nuclei Templates and BugBounty Worldlists for comprehensive security testing. Join the fight for internet security today! (used in reconWTF)

security wordlist recon bugbounty nuclei-templates gf-patterns bugbountytools

Updated Apr 3, 2025
PHP

yeswehack / vulnerable-code-snippets

Twitter vulnerable snippets

snippets code owasp web-application bugbounty vulnerable example-code websecurity worst-practices code-analyze

Updated Mar 17, 2025
PHP

InfoSecWarrior / Offensive-Payloads

List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.

security pentesting bugbounty pentest payloads vulnerability-assessment wordlists

Updated Sep 20, 2024
PHP

rudSarkar / phar-vulnerability

Code for exploiting phar vulnerability for educational purpose for my Medium blog

php source-code bugbounty phpphar

Updated Aug 15, 2024
PHP

karimtariqx / HackerStories

This project is a vulnerable web application to practice on. It is designed for educational purposes to help security enthusiasts and developers understand and mitigate common web vulnerabilities.

cybersecurity penetration-testing vulnerability pentesting bugbounty vulnerable-web-app

Updated Feb 21, 2024
PHP

AGC007 / Bruteforce-Scanner-API--PHP

♾️ Bruteforce Scanner [v1-API] By AGC007™ -- PHP

api php security tools hack scanner bug finder software brute-force iran bugbounty crack account hacking-tool security-tools login-page openbullet agc007

Updated Jan 11, 2024
PHP

choirurrizal / paraminer

finds hidden parameters

php recon bugbounty

Updated Aug 12, 2023
PHP

gwen001 / s3-buckets-finder

Find AWS S3 buckets and test their permissions.

php aws cloud aws-s3 s3 s3-bucket bucket pentesting bugbounty security-tools

Updated Mar 28, 2023
PHP

gwen001 / extract-endpoints

Extract endpoints from source files.

php urls pentesting bugbounty security-tools endpoints

Updated Mar 28, 2023
PHP

Followers: 620 followers
Website: github.com/topics/bugbounty
Wikipedia: Wikipedia

Related topics

penetration-testing pentest pentesting security