A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
This repo Gathers all available cve exploits from github.
🔍 Streamline reconnaissance with Recon-WebUI, a modular toolkit featuring both a CLI and a user-friendly web interface for domain and IP analysis.
🕵️♂️ Discover and extract endpoints, subdomains, and GraphQL queries effortlessly with this Burp Suite extension for efficient passive reconnaissance.
small script for processing fscan output results especially for optimizing output from fscan scans of large asset sets helping you get ahead of the game
🔍 Explore top hacker and OSINT search engines with this modern GUI toolkit designed for efficient information gathering and analysis.
🕵️♂️ Test for XSS vulnerabilities instantly using a GUI tool that scans URL parameters and forms against thousands of payloads with ease.
RoboBack is a CLI tool that fetches historical robots.txt files from the Wayback Machine, helping OSINT and bug bounty teams track crawling policies over time 🤖.
# ScriptSniffer**ScriptSniffer** is a Python tool that extracts relative URLs from online JavaScript files and saves them as absolute URLs in a text file. Easy to use, this tool streamlines your workflow with a simple command-line interface. 🐙✨
BBtool is a user-friendly penetration testing tool designed for security researchers and ethical hackers. It integrates multiple security testing tools into one interface, making vulnerability discovery efficient and straightforward. 🛠️🌐
Dutch Government Bugbounty scope, subdomains and endpoints
A powerful Python tool for identifying Insecure Direct Object Reference (IDOR) vulnerabilities in Burp Suite traffic exports.
SpringBoot Attack Surface Scanner – An interactive penetration testing tool that automatically discovers information leaks, actuator leaks, and modern CVE exploits in Spring-based applications through asynchronous scanning + FOFA/ZoomEye/Hunter integrations.
🕷️ Uncover secrets and analyze JavaScript with jsrip, a fast tool for bug hunters and researchers to crawl, download, and reveal hidden data.
🛡️ Scan for web vulnerabilities with HunterKit, a professional-grade tool designed for bug bounty hunters and security experts to enhance online safety.
🛠️ Develop and analyze exploits with LabExploit, a security research tool featuring built-in safety controls for authorized use only.
60k+ WordPress Nuclei templates, updated daily from Wordfence intel—filter by severity/tags/CVE and scan in one line. 🚀🔒
Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term (dork) with a default set of websites, bug bounty programs or custom collection.
SearchToolkit is advanced collection of tools, hardwares, resources and cheatsheets useful for Pentester, Red Teamer, Bug Hunter, Forensics, LAW enforcement etc.
The recursive internet scanner for hackers. 🧡