A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Making Favicon.ico based Recon Great again !
ANTLR v4 grammar-based test generator
Tools for BugHunting
Fuzzinator Random Testing Framework
LazyHunter is an automated reconnaissance tool designed for bug hunters, leveraging Shodan's InternetDB and CVEDB APIs
Docker Remote API Scanner and Exploit
Hunt down the secrets from the WebArchives for Fun and Profit
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
A utility for detecting webpage inputs and conducting XSS scans.
Weaponizing Live CT logs for automated monitoring of assets
A CDN Domain Fronting Tool or Websocket Discovery written in Python
DNS hijacking via dead records automation tool
ParamWizard is a powerful Python-based tool designed for extracting and identifying URLs with parameters from a specified website. It provides a comprehensive way to discover hidden parameters within a web application by crawling and analyzing the URLs of the domain.
Writeup finder from medium or other
An Bug Hunters tool to find many Vulnerabilities using Google dorks
This is a tool for bug hunters
Extract parameters/paths from urls
FavHash is a script that converts url to favhash to use it in search engines.
A Unified Reconnaissance Tool for Pentesting
Add a description, image, and links to the bughunting topic page so that developers can more easily learn about it.
To associate your repository with the bughunting topic, visit your repo's landing page and select "manage topics."