Top 22 Bugbountytip Open-Source Projects

• HowToHunt

  2 5,587 6.3

  Collection of methodology and test case for various web vulnerabilities.

• AllAboutBugBounty

  3 5,423 3.5

  All about bug bounty (bypasses, payloads, and etc)

Project mention: How I hacked chess.com with a rookie exploit | news.ycombinator.com | 2024-01-26

Yeah, pretty close: "On-site request forgery"[0]

[0] https://github.com/daffainfo/AllAboutBugBounty/blob/master/O...

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• Awesome-Bugbounty-Writeups

  3 4,373 2.7 Python

  A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

• WebHackersWeapons

  1 3,645 8.4 Ruby

  ⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

• awesome-oneliner-bugbounty

  2 2,429 0.0

  A collection of awesome one-liner scripts especially for bug bounty tips.

• 31-days-of-API-Security-Tips

  2 2,057 0.0

  This challenge is Inon Shkedy's 31 days API Security Tips.

• HolyTips

  2 1,685 4.1

  A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• learn365

  1 1,513 0.0

  This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

• Galaxy-Bugbounty-Checklist

  1 1,314 6.1

  Tips and Tutorials for Bug Bounty and also Penetration Tests.

• API-SecurityEmpire

  1 1,285 2.8

  API Security Project aims to present unique attack & defense methods in API Security field (by Cyber-Guy1)

• Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes

  3 1,175 5.1

Project mention: Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes | /r/bugbounty | 2023-05-26

• metabigor

  1 1,139 6.4 Go

  OSINT tools and more but without API key

• Garud

  1 752 0.0 Shell

  An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

• MobileHackersWeapons

  1 641 4.9 Go

  Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

• ssti-payloads

  1 560 0.0

  🎯 Server Side Template Injection Payloads

  

• ppfuzz

  2 542 0.0 Rust

  A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

• Bug-Bounty-Methodology

  1 481 4.3 HTML

  These are my checklists which I use during my hunting.

• CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera

  7 321 0.0 HTML

  🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337

• csv-injection-payloads

  2 169 2.1

  🎯 CSV Injection Payloads

  

• PassDetective

  9 106 6.6 Go

  PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of sensitive information in your command history.

Project mention: PassDetective has released on Kali Linux | news.ycombinator.com | 2023-12-01

• sqli-postgres-rce-privesc-hacking-playground

  1 71 0.0 PHP

  Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.

• CloudSniffer

  1 52 4.6 Python

  CloudSniffer is a powerful tool designed to aid in the discovery of the real IP address of a website protected by Cloudflare. It leverages brute force techniques by testing a list of IP addresses and analyzing the status codes returned by the server to uncover the actual IP address of the target website.

Project mention: Privacy | /r/selfhosted | 2023-07-01

• SaaSHub

  www.saashub.com sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

Bugbountytips related posts

• How I hacked chess.com with a rookie exploit
  2 projects | news.ycombinator.com | 26 Jan 2024
• PassDetective has released on Kali Linux
  1 project | news.ycombinator.com | 1 Dec 2023
• Introducing PassDetective: Your Guardian Against Accidental Data Exposure in Command History! 🛡️🕵️‍♂️
  1 project | /r/Hacking_Tutorials | 26 Jul 2023
• Introducing PassDetective: Your Guardian Against Accidental Data Exposure in Command History! 🛡️🕵️‍♂️
  1 project | /r/blueteamsec | 26 Jul 2023
• Introducing PassDetective: Your Guardian Against Accidental Data Exposure in Command History! 🛡️🕵️‍♂️
  1 project | /r/golang | 24 Jul 2023
• Introducing PassDetective: Your Guardian Against Accidental Data Exposure in Command History! 🛡️🕵️‍♂️
  1 project | /r/blackhat | 24 Jul 2023
• Introducing PassDetective: Your Guardian Against Accidental Data Exposure in Command History! 🛡️🕵️‍♂️
  1 project | /r/Information_Security | 24 Jul 2023
• A note from our sponsor - WorkOS
  workos.com | 29 Apr 2024

  The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com