Python Bugbounty

Open-source Python projects categorized as Bugbounty

Top 23 Python Bugbounty Projects

  1. PayloadsAllTheThings

    A list of useful payloads and bypass for Web Application Security and Pentest/CTF

    Project mention: Irish-Name-Repo 2 - picoCTF '19 (web) | dev.to | 2025-09-06

    If you've never worked on SQL injection, that's fine; there is a PWNSOME REPOSITORY (get it? pwn + awesome) called Payload All The Things (https://github.com/swisskyrepo/PayloadsAllTheThings). It has different payloads for different web vulnerabilities.

  3. dirsearch

    Web path scanner

  4. bbot

    The recursive internet scanner for hackers. 🧡

    Project mention: Bee·bot is a multipurpose scanner | news.ycombinator.com | 2025-11-29
  5. OneForAll

    OneForAll is a powerful subdomain collection tool

  6. DefaultCreds-cheat-sheet

    One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

  7. hackerone-reports

    Top disclosed reports from HackerOne

  8. apkleaks

    Scanning APK file for URIs, endpoints & secrets.

  9. Awesome-Bugbounty-Writeups

    A curated list of bugbounty writeups (Bug type wise), inspired by https://github.com/ngalongc/bug-bounty-reference

  10. commix

    Automated All-in-One OS Command Injection Exploitation Tool

    Project mention: Commix: Your New Secret Weapon for Command Injection Vulnerability Hunting | dev.to | 2025-08-30

  11. can-i-take-over-xyz

    "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

  12. malicious-pdf

    💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh

  13. pagodo

    pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching

  14. reFlutter

    Flutter Reverse Engineering Framework

  15. requests-ip-rotator

    A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.

  16. Interlace

    Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

  17. FavFreak

    Making Favicon.ico based Recon Great again !

  18. Redcloud

    Automated Red Team Infrastructure deployment using Docker

  19. subscraper

    Subdomain and target enumeration tool built for offensive security testing

  20. emploleaks

    An OSINT tool that helps detect members of a company with leaked credentials

  21. JSshell

    JSshell - JavaScript reverse/remote shell

  22. CRLFsuite

    The most powerful CRLF injection (HTTP Response Splitting) scanner.

  23. basecrack

    Decode All Bases - Base Scheme Decoder

  24. Dome

    Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports. (by v4d1)

NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020).

Python Bugbounty related posts

  • Show HN: WP-Hunter, WP recon and SAST tool (building Agentic AI pipeline)

    1 project | news.ycombinator.com | 26 Feb 2026
  • dnsvalidator VS dnsanity - a user suggested alternative

    2 projects | 23 Oct 2025
  • dnsvalidator VS dnsanity - a user suggested alternative

    2 projects | 30 Sep 2025
  • 🐞 Comprehensive Bug Bounty Hunting Methodology

    9 projects | dev.to | 1 Jun 2025
  • Script kiddie tools preferred by the hackers of this channel?

    1 project | /r/hacking | 8 Jul 2023
  • MobSecco: A tool for Cloning apk for bypassing code tampering detection, Google Safety Net and scanning vulnerable plugins

    1 project | /r/cybersecurity | 2 Jul 2023
  • ParaForge: A BurpSuite extension to create a custom word list of endpoints and parameters for enumeration and fuzzing

    1 project | /r/cybersecurity | 30 Jun 2023

Index

What are some of the best open-source Bugbounty projects in Python? This list will help you:

# Project Stars
1 PayloadsAllTheThings 78,176
2 dirsearch 14,328
3 bbot 9,836
4 OneForAll 9,821
5 DefaultCreds-cheat-sheet 6,589
6 hackerone-reports 6,216
7 apkleaks 6,092
8 Awesome-Bugbounty-Writeups 5,775
9 commix 5,749
10 can-i-take-over-xyz 5,645
11 malicious-pdf 3,706
12 pagodo 3,343
13 reFlutter 2,637
14 requests-ip-rotator 1,658
15 Interlace 1,289
16 FavFreak 1,283
17 Redcloud 1,272
18 subscraper 939
19 emploleaks 774
20 JSshell 632
21 CRLFsuite 594
22 basecrack 584
23 Dome 540
