Go Bugbounty

Open-source Go projects categorized as Bugbounty | Edit details

Top 15 Go Bugbounty Projects

  • hetty

    Hetty is an HTTP toolkit for security research.

  • osmedeus

    A Workflow Engine for Offensive Security

    Project mention: How do I automate recon for 450+ hosts? Sn1per alternatives | reddit.com/r/AskNetsec | 2021-01-28

    I've used https://github.com/yogeshojha/rengine and https://github.com/j3ssie/Osmedeus with great success.

  • Scout APM

    Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.

  • WebHackersWeapons

    ⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

  • naabu

    A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

    Project mention: Naabu: a portscanning library in Go | reddit.com/r/golang | 2021-02-15

    actual link: https://github.com/projectdiscovery/naabu

  • jaeles

    The Swiss Army knife for automated Web Application Testing

    Project mention: Vulnerability scanners for a lot of domains | reddit.com/r/bugbounty | 2021-12-05

    Hey, check https://github.com/projectdiscovery/nuclei as @mr_coffee_robot suggested and check out https://github.com/jaeles-project/jaeles

  • urlhunter

    a recon tool that allows searching on URLs that are exposed via shortener services

  • interactsh

    An OOB interaction gathering server and client library

    Project mention: Create own Burp Collaborator? | reddit.com/r/Pentesting | 2022-01-04
  • OPS

    OPS - Build and Run Open Source Unikernels. Quickly and easily build and deploy open source unikernels in tens of seconds. Deploy in any language to any cloud.

  • puredns

    Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.

    Project mention: Project to Regularly and Automatically Update Docker Image (called RAUDI) | reddit.com/r/docker | 2022-01-08

    Of course, you mentioned that in the description of the project. I was going to send a PR for puredns. It builds on top of massdns, is easier to use, & incorporates wildcard filtering. Also, the maintainer has declined to dockerise the project.

  • go-dork

    The fastest dork scanner written in Go.

    Project mention: go-dork: El escáner dork más rápido escrito en Go 🌩 | reddit.com/r/u_esgeeks | 2021-04-05
  • cariddi

    Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more...

    Project mention: cariddi released! | dev.to | 2021-06-13

    https://github.com/edoardottt/cariddi Take a list of domains and scan for endpoints, secrets, api keys, file extensions, tokens and more...

  • ppmap

    A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.

    Project mention: How do I get the ppmap to fuzz test vulerable website with custom xss json payload to exploit client side prototype pollution cross site script? | reddit.com/r/xss | 2022-01-09
  • asnip

    ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

    Project mention: harleo/asnip - ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight | reddit.com/r/GithubSecurityTools | 2021-05-11
  • lit-bb-hack-tools

    Little Bug Bounty & Hacking Tools⚔️

    Project mention: crawley - the unix-way web-crawler | reddit.com/r/commandline | 2021-11-10

    it can crawl for js files, then you can use other tools (like: https://github.com/edoardottt/lit-bb-hack-tools/tree/main/eefjsf) to extract api endpoints.

  • goSCF

    Session Cookie Finder

    Project mention: goSCF: Encontrar principal(es) cookie(s) de sesión 🧐 | reddit.com/r/u_esgeeks | 2021-10-05
  • hacker-scoper

    A go application to filter scopes for hacking. Specially useful for researchers on bug-bounty programs.

    Project mention: "hacker-scoper": A FOSS Go tool to filter out-of-scope URLs, IPv4s and IPv6s auto-detecting public programs for your target. Specially useful for researchers on bug-bounty programs. | reddit.com/r/cybersecurity | 2021-11-08
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2022-01-09.

Go Bugbounty related posts


What are some of the best open-source Bugbounty projects in Go? This list will help you:

Project Stars
1 hetty 3,640
2 osmedeus 3,574
3 WebHackersWeapons 1,806
4 naabu 1,688
5 jaeles 1,420
6 urlhunter 1,182
7 interactsh 1,150
8 puredns 649
9 go-dork 506
10 cariddi 358
11 ppmap 290
12 asnip 183
13 lit-bb-hack-tools 72
14 goSCF 5
15 hacker-scoper 2
Find remote jobs at our new job board 99remotejobs.com. There are 30 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
Deliver Cleaner and Safer Code - Right in Your IDE of Choice!
SonarLint is a free and open source IDE extension that identifies and catches bugs and vulnerabilities as you code, directly in the IDE. Install from your favorite IDE marketplace today.