Powerful document editing and collaboration in your app or environment. Ultimate security, API and 30+ ready connectors, SaaS or on-premises Learn more →
Top 23 Go Bugbounty Projects
-
Subfinder
-
Project mention: Hetty - An http toolkit for security research. | reddit.com/r/github_trends | 2022-08-12
-
ONLYOFFICE
ONLYOFFICE Docs — document collaboration in your environment. Powerful document editing and collaboration in your app or environment. Ultimate security, API and 30+ ready connectors, SaaS or on-premises
-
httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library. (by projectdiscovery)
Httpx: https://github.com/projectdiscovery/httpx
-
-
hakrawler
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
This week i have used https://github.com/hakluke/hakrawler and I think it meets youre requirements.
-
scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
Project mention: GitHub - hktalent/scan4all: Vulnerabilities Scan: 15000+PoCs; 20 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty... | reddit.com/r/devopsish | 2022-07-31 -
Dalfox is great: https://github.com/hahwul/dalfox
-
CodiumAI
TestGPT | Generating meaningful tests for busy devs. Get non-trivial tests (and trivial, too!) suggested right inside your IDE, so you can code smart, create more value, and stay confident when you push.
-
-
-
puredns
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
-
gotestwaf
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
Project mention: Open Source Pentest Tool - GoTestWAF (Need Feedback) | reddit.com/r/cybersecurity | 2022-12-08Hi guys! On Blackhat Arsenal 2022 I saw this tool: https://github.com/wallarm/gotestwaf
-
cariddi
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
cariddi is an open source (https://github.com/edoardottt/cariddi) web security tool. It takes as input a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more.
-
Project mention: Metabigor - An Intelligence tool, its goal is to do OSINT tasks and more but without any API key. | reddit.com/r/CKsTechNews | 2023-03-30
-
-
-
-
cent
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place (by xm1k3)
Project mention: cent: Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place | reddit.com/r/blueteamsec | 2022-11-26 -
MobileHackersWeapons
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
-
-
ppmap
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
-
exifLooter
ExifLooter finds geolocation on all image urls and directories also integrates with OpenStreetMap
Project mention: Canthide finds All Locations by looking at a given Social Media account using AI and Exif Metadata. | reddit.com/r/coolgithubprojects | 2022-09-05I use ExifLooter by aydinnyunus to analyse metadata : https://github.com/aydinnyunus/exifLooter
-
xurlfind3r
A CLI utility to find domain's known URLs passively from AlienVault's Open Threat Exchange, Common Crawl, Github, Intelligence X, URLScan, and the Wayback Machine.
-
hijagger
Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration
Project mention: hijagger: Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration | reddit.com/r/netsec | 2022-07-11 -
SonarQube
Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
Go Bugbounty related posts
- I built an open-source cloud security tool
- Open-source Cloud Security Platform
- Open-source CSPM -- PoLP
- I'm building an open-source cloud security platform!
- ZeusCloud
- ZeusCloud – an open source cloud security platform
- cariddi v1.3.1 is out🥳
-
A note from our sponsor - ONLYOFFICE
www.onlyoffice.com | 28 May 2023
Index
What are some of the best open-source Bugbounty projects in Go? This list will help you:
Project | Stars | |
---|---|---|
1 | subfinder | 7,613 |
2 | hetty | 5,240 |
3 | httpx | 5,144 |
4 | osmedeus | 4,452 |
5 | hakrawler | 3,745 |
6 | scan4all | 3,592 |
7 | dalfox | 2,562 |
8 | jaeles | 1,839 |
9 | urlhunter | 1,351 |
10 | puredns | 1,256 |
11 | gotestwaf | 1,161 |
12 | cariddi | 913 |
13 | metabigor | 913 |
14 | go-dork | 790 |
15 | dontgo403 | 628 |
16 | scilla | 608 |
17 | cent | 557 |
18 | MobileHackersWeapons | 507 |
19 | socialhunter | 423 |
20 | ppmap | 404 |
21 | exifLooter | 311 |
22 | xurlfind3r | 296 |
23 | hijagger | 253 |