bugbounty-tool
Here are 417 public repositories matching this topic...
Language:All
Sort:Most stars
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
- Updated
Apr 20, 2025 - Go
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
- Updated
Mar 12, 2025 - Python
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
- Updated
Apr 30, 2025 - Kotlin
Tips and Tutorials for Bug Bounty and also Penetration Tests.
- Updated
Feb 12, 2024
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
- Updated
Jan 29, 2021 - C#
The fastest dork scanner written in Go.
- Updated
Feb 4, 2024 - Go
ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes
- Updated
Apr 24, 2025 - Python
A curated collection of top-tier penetration testing tools and productivity utilities across multiple domains. Join us to explore, contribute, and enhance your hacking toolkit!
- Updated
Apr 17, 2025
Automation for javascript recon in bug bounty.
- Updated
Sep 9, 2023 - Shell
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
- Updated
Jul 23, 2024 - Shell
An IIS short filename enumeration tool
- Updated
Nov 25, 2024 - Go
Payload Arsenal for Pentration Tester and Bug Bounty Hunters
- Updated
May 6, 2023 - PHP
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
- Updated
Jul 4, 2023 - Shell
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
- Updated
Mar 20, 2023 - Rust
Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials, CIDRs , ASNs , and subdomains, the tool also allows users to search Google Play application ID.
- Updated
Apr 15, 2025 - Python
A tool to check a bunch of URLs that contain reflecting params.
- Updated
Aug 4, 2024 - Go
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
- Updated
Jun 22, 2022 - Go
Discover new target domains using Content Security Policy
- Updated
Apr 23, 2025 - Go
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
- Updated
Apr 28, 2025 - Shell
Improve this page
Add a description, image, and links to thebugbounty-tool topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with thebugbounty-tool topic, visit your repo's landing page and select "manage topics."