Top 21 bugbounty-tool Open-Source Projects
-
malicious-pdf
Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
-
inql
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
-
Garud
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
-
ppmap
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
-
GRecon
Another version of katana, more automated but less stable. The purpose of this small tool is to run a Google-based passive recon against your scope.
-
Reconky-Automated_Bash_Script
Reconky is a great content discovery bash script for bug bounty hunters that automates a lot of tasks and is organized in a well-mannered form, which helps them look forward.
-
webstor
WebStor efficiently enumerates all websites across your organization's networks and those in your DNS records - including cloud-hosted servers via zone transfer data - stores their responses, and lets you query for known web technologies, including those with zero-day vulnerabilities.
-
PassDetective
PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of sensitive information in your command history.
-
Discord-Recon
Discord bot created to automate bug bounty recon, automated scans and information gathering via a discord server
-
CloudSniffer
CloudSniffer is a powerful tool designed to aid in the discovery of the real IP address of a website protected by Cloudflare. It leverages brute force techniques by testing a list of IP addresses and analyzing the status codes returned by the server to uncover the actual IP address of the target website.
-
OrgASM
A tool for Organized ASM (Attack Surface Mapper). Subdomains enumeration, IPs scans, Vulnerability assessment...
-
BurpPro-FastCrawler
The simplest way to integrate your subdomain enum outputs with Burp Pro (Fast Crawler)
Wrote a tool two years ago that does some of the PDF-tests. But more could be added: https://github.com/jonaslejon/malicious-pdf
bugbounty-tool related posts
-
PassDetective has released on Kali Linux
-
Introducing PassDetective: Your Guardian Against Accidental Data Exposure in Command History!
Index
What are some of the best open-source bugbounty-tool projects? This list will help you:
# | Project | Stars |
---|---|---|
1 | dalfox | 3,324 |
2 | malicious-pdf | 2,693 |
3 | inql | 1,470 |
4 | Galaxy-Bugbounty-Checklist | 1,324 |
5 | go-dork | 998 |
6 | Payloads | 840 |
7 | Garud | 750 |
8 | ppfuzz | 542 |
9 | ppmap | 446 |
10 | csprecon | 320 |
11 | GRecon | 210 |
12 | Reconky-Automated_Bash_Script | 193 |
13 | web-hacking-toolkit | 155 |
14 | webstor | 150 |
15 | PassDetective | 108 |
16 | Discord-Recon | 69 |
17 | s1c0n | 59 |
18 | CloudSniffer | 53 |
19 | OrgASM | 26 |
20 | Recon-Plus | 9 |
21 | BurpPro-FastCrawler | 7 |