Bug Bounty Tool List Which are useful for Bug Hunting , Ethical Hacking & CyberSecurity
-
Updated
May 11, 2024
Bug Bounty Tool List Which are useful for Bug Hunting , Ethical Hacking & CyberSecurity
This script is designed to identify and extract potential sensitive information from the source code of given URLs. It employs regular expressions to search for patterns associated with various types of sensitive data, including API keys, access tokens, and private keys.
Walker is a Go-based tool designed to help identify secrets within binary files
A simple Python script for brute-forcing directories using a wordlist.
Get related domains / subdomains by looking at Google Analytics IDs
Wordlist Generator
Simply output a random user-agent. Use it with tools that don't have a --random-agent flag. Like `random-agent` or $(random-agent)
Domainer is a Go script that allows you to extract the root domains from a list of domains based on the ARPANET RFC's for (top-level) domains (TLDs). It removes the scheme (if present) from the input domains and extracts the last label before the TLD to produce the root domain. The extracted root domains are then printed as output.
All the tools you need for webapp pentesting & bug bouty hunting
npm PoC packages
DarkScout is a simple, nimble subdomain enumeration tool written in Rust language. It is designed to help bug bounty hunters, security professionals and penetration testers discover subdomains of a given target domain.
A comprehensive collection of 100 essential commands for ethical hacking and bug bounty hunting. This arsenal covers various aspects of security testing, including domain enumeration, vulnerability scanning, and more.
My private bug bounty scripts i have written under the years for real time projects within bug bounty hunting and penetration testing(red team).
This script take a URL or list of subdomain and the required DIR for specific CVE and give the response code for each url
oldhost is a tool for bug bounty hunters to discover old hosts that are no longer available, but might still be present on different known and related servers.
Library for fuzzing & attacking JSON Web Tokens (JWTs). Bindings for other languages included.
Find subdomains and urls in Javascript files
Automatic Google Dorker And Support Proxy
Add a description, image, and links to the bug-bounty-tools topic page so that developers can more easily learn about it.
To associate your repository with the bug-bounty-tools topic, visit your repo's landing page and select "manage topics."