zubemx Goto Github PK

resources-for-beginner-bug-bounty-hunters

A list of resources for those interested in getting started in bug bounties

route-detect

Find authentication (authn) and authorization (authz) security bugs in web application routes.

s3-buckets-finder

Find AWS S3 buckets and test their permissions.

s3scanner

Scan for misconfigured S3 buckets across S3-compatible APIs!

scan4all-web-app

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

security-tools

My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.

share

A share to provide content to the community

signup-page

simple-python-wordpress-scraper

This is a simple Python script designed to scrape data from hacker news and import it into WordPress

socialhunter

crawls the website and finds broken social media links that can be hijacked

sqli-tools

Blind SQL Injection (BSQLI) Data Exploration Tool

sqli_sleeps

sqlidetector

Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases.

starting

subdomainizer

A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

subdominator

SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty

sudomy

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

technohacks-internship-assessments

tiny-xss-payloads

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

top25-parameter

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

uscrapper

Uscrapper Vanta: Dive deeper into the web with this powerful open-source tool. Extract valuable insights with ease and efficiency, from both surface and deep web sources. Empower your data mining and analysis with Vanta's advanced capabilities. Fast, reliable, and user-friendly, Uscrapper Vanta is the ultimate choice for researchers and analysts.

vulnerability-checklist

This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

web-app-pentest-checklist

A OWASP Based Checklist With 500+ Test Cases

webhunt

Web App bug hunting

whichride

website template for whichride

whichride-template

whichride website template

wordlists

📜 A collection of wordlists for many different usages

wordpress-auto-admin-account-and-reverse-shell-cve-2024-27956

WordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries

wordpress-exploit-framework

A Ruby framework designed to aid in the penetration testing of WordPress systems.

wordpress-hacking

A collection of useful resources for hacking WordPress and it's plugins and themes