Top 11 Bounty Open-Source Projects

• PayloadsAllTheThings

  34 56,534 8.6 Python

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Project mention: php shell not executed in wordpress | /r/hacking | 2023-12-08

Also https://github.com/swisskyrepo/PayloadsAllTheThings I'm sure there's a few test php files in here for filter bypasses too

• bounty-targets-data

  1 2,964 0.0

  This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• hledger

  86 2,750 9.8 Haskell

  Robust, fast, intuitive plain text accounting tool with CLI, TUI and web interfaces.

Project mention: Double-Entry Bookkeeping as a Directed Graph | news.ycombinator.com | 2024-04-10

I'm surprised that there is no mentions of a great hacker-friendly plain-text accounting software called `ledger` https://ledger-cli.org/ in this thread. It has amazing documentation when it comes to understanding basic principles of double-entry bookkeeping and goes through many typical situations and usecases. There are also several forks, most popular and advanced is `hledger` https://hledger.org/ (h is for Haskell), which provides some neat features out of the box, such as a simple web interface. All of them are very primitive compared to "professional" accounting software, but in return it offers great opportunities for hacking around while ensuring validity of your books.

• Odoo

  1 814 0.0 JavaScript

  Javascript and SVG odometer effect library with motion blur

• nmap-formatter

  1 592 6.4 Go

  A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot) or sqlite. Simply put it's nmap converter.

Project mention: NMAP-formatter: convert NMAP results to HTML, CSV, JSON, graphviz (dot), SQLite | news.ycombinator.com | 2024-01-26

• ssti-payloads

  1 558 0.0

  🎯 Server Side Template Injection Payloads

  

• BucketLoot

  3 332 7.0 Go

  BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.

  

Project mention: Open source S3 bucket scanner for secrets and assets | news.ycombinator.com | 2023-10-11

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• RVD

  1 158 0.0 Python

  Robot Vulnerability Database. An archive of robot vulnerabilities and bugs. (by aliasrobotics)

  

Project mention: Unsafe YAML exploitation | /r/ROS | 2023-12-11

• MannVsMann

  1 37 5.8 SourcePawn

  A plugin for Team Fortress 2 that brings Mann vs. Machine upgrades and mechanics to other gamemodes

• dn-institute

  1 19 9.6 Python

  Distributed Networks Institute

  

Project mention: 🌟 GitHub Challenge: Improve QA Bots with GH Actions - Crypto Attack Wiki 🌟 | /r/github | 2023-11-24

👉 To participate, click here

• RAM

  1 15 0.0 Shell

  Bypass http 403 🐏 (by melihi)

Bounty related posts

• Open source S3 bucket scanner for secrets and assets
  1 project | news.ycombinator.com | 11 Oct 2023
• Introducing BucketLoot - An Automated Cloud Bucket Inspector
  1 project | /r/linux | 26 Jul 2023
• Mass testing for bugs
  1 project | /r/bugbounty | 14 Jan 2021

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com