Beginner-Bug-Bounty-Automation
webrecon
Beginner-Bug-Bounty-Automation | webrecon | |
---|---|---|
2 | 1 | |
22 | 49 | |
- | - | |
3.4 | 1.8 | |
2 months ago | over 2 years ago | |
Python | Shell | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Beginner-Bug-Bounty-Automation
webrecon
What are some alternatives?
BugBountyScanner - A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.
reconness - ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
rengine - reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
WhatWeb - Next generation web scanner
Garud - An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
log4j-scan-turbo - Multithreaded log4j vulnerability scanner using only bash! Tests all JNDI protocols, HTTP GET/POST, and 84 headers.
awesome-bbht - A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
scilla - Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
osmedeus - A Workflow Engine for Offensive Security
ActiveDirectoryAttackTool - ADAT is a small tool used to assist CTF players and Penetration testers with easy commands to run against an Active Directory Domain Controller. This tool is is best utilized using a set of known credentials against the host.
GooFuzz - GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).