diodb
Resources-for-Beginner-Bug-Bounty-Hunters
diodb | Resources-for-Beginner-Bug-Bounty-Hunters | |
---|---|---|
10 | 5 | |
955 | 10,157 | |
1.2% | - | |
7.6 | 2.9 | |
8 days ago | 3 months ago | |
Python | ||
Creative Commons Zero v1.0 Universal | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
diodb
-
How to find issues with bounties on github?
Perhaps: https://disclose.io/programs/
-
Are bug bounties programs safe for hackers?
Hi, I want to make some experience with web pentesting and I wanted to take some small bug bounty programs from disclose.io/programs/ . But to be honest I am scared that maybe I will do something wrong and I will face legal consequences π± . I am scared that by making the report they will see that I exploited the bug too much and put them in danger or something like that. I heard about white hat hackers reporting vulnerabilities and facing legal action but they discovered them without a bug bounty program like in this case https://www.bleepingcomputer.com/news/security/ethical-hacker-exposes-magyar-telekom-vulnerabilities-faces-8-years-in-jail/ What is your opinion about this ?
-
When to Report Vulnerability
2) https://disclose.io
-
We are cybersecurity researchers who wrote a book teaching people how to hack the Internet of Things, called Practical IoT Hacking. Ask us anything!
Helped develop coordinated vulnerability disclosure frameworks to allow security researchers to report security issues in good faith
- Hacking the Law: Are Bug Bounties a True Safe Harbor?
-
My disclosure mails doesn't get answered and sound like spam
I would also suggest contacting https://disclose.io/ and your National CSIRT team and ask for help. Good luck :)
-
GitHub repo of ALL known bug bounty platforms (45) and Halls of Fame (497)
Yeh, these are the different orgs that run programs on behalf of companies. For a list of the orgs running programs thereβs about 2,300 of those here (also open-source and a contact work in progress): https://github.com/disclose/diodb
- diodb: Open-source vulnerability disclosure and bug bounty program database by disclose.io
- diodb: Open-source vulnerability disclosure and bug bounty program database.
- Open-source vulnerability disclosure and bug bounty program database
Resources-for-Beginner-Bug-Bounty-Hunters
- Getting started with bb journey
-
Cyber Security resources
Media Resources
- Bug Bounty Resources
-
What is your favorite resource for becoming a better bug bounty hunter?
NahamSec's bug bounty beginner repo
-
Whats A Good Online Resource To Learn About Web
Nahamsec's beginner repo https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
What are some alternatives?
IoTGoat - IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.
reconftw - reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
awesome-safety-critical - List of resources about programming practices for writing safety-critical software.
awesome-ethical-hacking-resources - π π Awesome list about all kinds of resources for learning Ethical Hacking and Penetration Testing.
ncrack - Ncrack network authentication tool
Awesome-Hacking - A collection of various awesome lists for hackers, pentesters and security researchers
resources - Tools, data, and contact lists relevant to The disclose.io Project.
offensive-docker - Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Shocker
OSCP-Prep
legal-bug-bounty - #legalbugbounty project β creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.
study-bug-bounty - Beginner Guide to Bug Hunting