awesome-bug-bounty by djadmin

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

created at Feb. 13, 2016, 11 p.m.

289 +0

4,387 +1

898 +0

Some-PoC-oR-ExP by coffeehb

各种漏洞poc、Exp的收集或编写

created at March 13, 2015, 3:31 p.m.

156 +0

2,329 +6

968 +0

bug-bounty-reference by ngalongc

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

created at Sept. 1, 2016, 12:53 p.m.

242 -1

3,606 -2

974 -2

subDomainsBrute by lijiejie

A fast sub domain brute tool for pentesters

created at April 1, 2015, 7:22 a.m.

116 +0

3,386 +5

1,009 +0

sql-injection-payload-list by payloadbox

🎯 SQL Injection Payload List

created at Oct. 30, 2019, 5:03 a.m.

90 +1

4,378 +18

1,079 +5

Infosec_Reference by rmusser01

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

created at Sept. 13, 2014, 12:08 a.m.

266 -1

5,363 +1

1,178 -2

wpscan by wpscanteam

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com

created at July 11, 2012, 8:27 p.m.

264 +0

8,258 +7

1,240 +4

gitleaks by gitleaks

Protect and discover secrets using Gitleaks 🔑

created at Jan. 27, 2018, 6:19 p.m.

153 +0

15,336 +28

1,321 +6

wfuzz by xmendez

Web application fuzzer

created at Oct. 22, 2014, 9:23 p.m.

168 +0

5,663 +9

1,332 +1

prowler by prowler-cloud

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

created at Aug. 24, 2016, 3:12 p.m.

118 -1

9,618 +40

1,404 +9

Photon by UltimateHackers

Incredibly fast crawler designed for OSINT.

created at March 30, 2018, 7:38 p.m.

322 +0

10,534 +13

1,453 -1

xss-payload-list by payloadbox

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

created at April 23, 2018, 6:09 a.m.

139 +0

5,673 +19

1,580 +2

XSStrike by UltimateHackers

Most advanced XSS scanner.

created at June 26, 2017, 7:24 a.m.

274 +0

12,743 +15

1,847 +2

Sublist3r by aboul3la

Fast subdomains enumeration tool for penetration testers

created at Dec. 15, 2015, 12:55 a.m.

233 +0

9,281 +15

2,052 +2

beef by beefproject

The Browser Exploitation Framework Project

created at Nov. 23, 2011, 6:53 a.m.

438 -1

9,406 +10

2,060 +1

EQGRP by x0rz

Decrypted content of eqgrp-auction-file.tar.xz

created at April 8, 2017, 2:03 p.m.

397 +0

4,072 +2

2,071 +4

fuzzdb by fuzzdb-project

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

created at Sept. 10, 2015, 5:54 p.m.

367 +0

7,974 +7

2,074 +0

nuclei by projectdiscovery

Fast and customizable vulnerability scanner based on simple YAML based DSL.

created at April 3, 2020, 6:47 p.m.

215 +0

17,389 +76

2,256 +9

radare2 by radareorg

UNIX-like reverse engineering framework and command-line toolset

created at July 3, 2012, 7:42 a.m.

483 -2

19,678 +20

2,938 +1

CyberChef by gchq

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

created at Nov. 28, 2016, 10:34 a.m.

376 -4

25,763 +74

2,967 +2