bug-bounty-reference by ngalongc

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

created at Sept. 1, 2016, 12:53 p.m.

239 +0

3,754 +4

988 -1

prowler by prowler-cloud

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

created at Aug. 24, 2016, 3:12 p.m.

130 +0

10,847 +39

1,543 +3

js-vuln-db by tunz

A collection of JavaScript engine CVEs with PoCs

created at Aug. 6, 2016, 1:02 a.m.

185 +0

2,291 +2

405 +0

tplmap by epinna

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

created at July 6, 2016, 8:33 p.m.

83 +1

3,794 +9

671 +1

charsetinspect by hack-all-the-things

A script that inspects multi-byte character sets looking for characters with specific user-defined properties

created at June 23, 2016, 3:09 p.m.

3 +0

26 +0

7 +0

IPObfuscator by OsandaMalith

A simple tool to convert the IP to a DWORD IP

created at April 30, 2016, 11:32 p.m.

9 +0

138 +0

46 +0

VWGen by qazbnm456

Vulnerable Web applications Generator

created at April 12, 2016, 4:06 p.m.

7 +0

84 +0

18 +0

GitMiner by UnkL4b

Tool for advanced mining for content on Github

created at Feb. 27, 2016, 12:30 p.m.

108 +0

2,092 +2

426 +0

pwngitmanager by allyshka

Git manager for pentesters

created at Feb. 25, 2016, 6:14 a.m.

6 +0

107 +0

22 +0

awesome-bug-bounty by djadmin

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

created at Feb. 13, 2016, 11 p.m.

297 +0

4,662 +16

918 +0

JoomlaScan by drego85

A free software to find the components installed in Joomla CMS, built out of the ashes of Joomscan.

created at Feb. 11, 2016, 9:28 p.m.

20 +0

215 +0

68 -1

a2sv by hahwul

Auto Scanning to SSL Vulnerability

created at Jan. 25, 2016, 7:15 a.m.

46 +0

627 +1

169 +0

fuzz.txt by Bo0oM

Potentially dangerous files

created at Jan. 19, 2016, 1:35 p.m.

86 +0

2,885 +2

488 +1

XSS.png by LucaBongiorni

A XSS mind map ;)

created at Jan. 16, 2016, 7:47 a.m.

5 +0

56 +0

136 +0

malware-jail by HynekPetrak

Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js

created at Jan. 10, 2016, 10:41 p.m.

46 +0

460 +0

100 +0

Sublist3r by aboul3la

Fast subdomains enumeration tool for penetration testers

created at Dec. 15, 2015, 12:55 a.m.

231 +0

9,880 +18

2,104 -2

aquatone by michenriksen

A Tool for Domain Flyovers

created at Nov. 19, 2015, 11:30 a.m.

136 +0

5,643 +2

885 +2

notes by ChALkeR

Some public notes

created at Oct. 17, 2015, 11:02 p.m.

92 +0

1,268 +1

77 +0

fuzzdb by fuzzdb-project

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

created at Sept. 10, 2015, 5:54 p.m.

366 +0

8,244 +8

2,098 -1

HTTPLeaks by cure53

HTTPLeaks - All possible ways, a website can leak HTTP requests

created at April 17, 2015, 2:48 p.m.

90 +0

1,980 -1

202 +0