Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Asset inventory of over 800 public bug bounty programs.

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

A fast DOM based XSS vulnerability scanner with simplicity.

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

Full Nuclei automation script with logic explanation.

Streamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script and open source tools.

It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.

XSS Finder Via SSTI

bash script for automating subdomain enumeration process either passive or active

This Is The Ultimate Bug Bounty Automation & Web Hacking Tool That I've Created.

Script that performs a scan of a specific domain, using the following tools: Subfinder, assetfinder, amass and httpx. The result is merged into one file.

zwatcher is a lightweight bash script for monitoring sub/domains or a list of sub/domains and javascript files. It compares HTTP status codes and content length to detect changes and notifies the user when any modifications occur. Easily keep track of your domains' health and security with zwatcher.

Automate Nuclei scans and streamline bug hunting workflows

Pointer is a Fast Simple Lightweight Tool for Endpoint Discovery.

Extract Github Members Of Target Organization

Pen Hunter is a comprehensive vulnerability scanning tool designed for penetration testers, security researchers and bug bounties. it automates the process of collecting subdomains and URLs and tests them for various vulnerabilities including XSS, SQL Injection, Local File Inclusion, Open Redirect, Server-Side Request Forgery, CSRF, and RCE.

Hello, fellow bug bounty hunters! This repository is a collection of my personal bug bounty and security researching resources, scripts, and notes. My goal is to share useful information and tools that have helped me in my own journey, with the hope that they can do the same for you.

A bash script that scrapes various proxy feeds and asynchronously validates them

Bug Bounty Setup Tools On Fresh VPS. This scripts automatically installs top bug bounty tools and set up environment in newly installed VPS or Linux Operating System.