A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.

A collection of various awesome lists for hackers, pentesters and security researchers

• UpdatedJan 18, 2025

Web path scanner

• UpdatedFeb 20, 2025
• Python

A list of resources for those interested in getting started in bug bounties

• UpdatedJul 23, 2024

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

• UpdatedFeb 24, 2025
• HTML

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

• UpdatedMar 19, 2025
• Shell

The all-in-one browser extension for offensive security professionals 🛠

• UpdatedJan 5, 2025
• TypeScript

A Workflow Engine for Offensive Security

• UpdatedFeb 6, 2025
• Go

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

• UpdatedSep 30, 2024
• Shell

Applied offensive security with Rust -https://kerkour.com/black-hat-rust

• UpdatedAug 3, 2024
• Rust

A Security Tool for Bug Bounty, Pentest and Red Teaming.

• UpdatedMar 19, 2025
• Go

A collection of awesome one-liner scripts especially for bug bounty tips.

• UpdatedJul 29, 2024

Semi-automatic OSINT framework and package manager

• UpdatedJan 31, 2025
• Rust

This challenge is Inon Shkedy's 31 days API Security Tips.

• UpdatedApr 20, 2022

Collection of quality safety articles. Awesome articles.

• UpdatedSep 26, 2024

Subdomain Takeover tool written in Go

• UpdatedAug 13, 2023
• Go

🕵️ OSINT Tools for gathering information and actions forensics 🕵️

• UpdatedMar 12, 2025

A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

• UpdatedMay 20, 2024
• Python

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

• UpdatedApr 26, 2024
• Java

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

• UpdatedSep 20, 2024

一款信息泄漏利用工具，适用于.git/.svn/.DS_Store泄漏和目录列出

• UpdatedDec 27, 2022
• Python