SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 Go Bugbounty Projects
-
Project mention: Ask HN: How did internet discover my subdomain? | news.ycombinator.com | 2025-03-06
I'm surprised nobody mentioned subfinder yet: https://github.com/projectdiscovery/subfinder
Subfinder uses different public and private sources to discover subdomains. Certificate Transparency logs are a great source, but it also has some other options.
-
InfluxDB
InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
-
httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library. (by projectdiscovery)
-
-
scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
-
-
hakrawler
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
-
Project mention: Hacking misconfigured AWS S3 buckets: A complete guide | news.ycombinator.com | 2024-09-09
-
-
-
puredns
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
Project mention: Recon v2: Um curto update sobre como estou mudando meu processo de recon | dev.to | 2025-02-09 -
cariddi
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
-
gotestwaf
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
-
-
-
git-hound
Recon tool leveraging GitHub Code Search API. Scans for exposed API keys across all of GitHub, not just known repos and orgs.
-
nomore403
🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast. Precise. Effective.
-
-
-
Project mention: ⛈️ Cloud Penetration Testing: A Practical Guide to Securing Your Cloud Infrastructure | dev.to | 2024-12-03
# Clone and setup CloudBrute git clone https://github.com/0xsha/CloudBrute cd CloudBrute # Run a scan against a target domain ./CloudBrute -d target.com -k wordlist.txt -m storage -t 80
-
cent
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place (by xm1k3)
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Go Bugbounty discussion
Go Bugbounty related posts
-
Ask HN: Is there a service that offers Common Crawl as an API?
-
Recon v2: Um curto update sobre como estou mudando meu processo de recon
-
Subfinder: Fast passive subdomain enumeration tool
-
Wayurls
-
HTTP toolkit that allows running multiple probes
-
Uncover: Quickly find exposed hosts using multiple search engines
-
Exiflooter has released on Black Arch Linux
-
A note from our sponsor - SaaSHub
www.saashub.com | 13 May 2025
Index
What are some of the best open-source Bugbounty projects in Go? This list will help you:
# | Project | Stars |
---|---|---|
1 | subfinder | 11,647 |
2 | httpx | 8,483 |
3 | hetty | 6,888 |
4 | scan4all | 5,667 |
5 | osmedeus | 5,582 |
6 | hakrawler | 4,701 |
7 | dalfox | 4,251 |
8 | interactsh | 3,746 |
9 | S3Scanner | 2,754 |
10 | uncover | 2,598 |
11 | jaeles | 2,231 |
12 | puredns | 1,864 |
13 | cariddi | 1,668 |
14 | gotestwaf | 1,658 |
15 | urlhunter | 1,587 |
16 | metabigor | 1,322 |
17 | git-hound | 1,293 |
18 | nomore403 | 1,243 |
19 | go-dork | 1,196 |
20 | scilla | 1,007 |
21 | CloudBrute | 1,004 |
22 | cent | 970 |
23 | shortscan | 929 |