124 Open Source Bug Bounty Software Projects
Free and open source bug bounty code projects including engines, APIs, generators, and tools.
Hack With Github Awesome Hacking 48399 ⭐
A collection of various awesome lists for hackers, pentesters and security researchers
Resources For Beginner Bug Bounty Hunters 7256 ⭐
A list of resources for those interested in getting started in bug bounties
Subfinder 4611 ⭐
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
Burpbounty 1224 ⭐
Burp Bounty (Scan Check Builder in BApp Store) is an extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Sublert 783 ⭐
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificates.
Git Hound 740 ⭐
Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Security Tools 572 ⭐
My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.
Injuredandroid 460 ⭐
A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Aaaguirrep Pentest 421 ⭐
Offensive Docker is an image with the most used offensive tools, for easily and quickly creating an environment to launch assessments against targets.
Not Your Average Web Crawler 119 ⭐
A web crawler (for bug hunting) that gathers more than you can imagine.
Keye 101 ⭐
Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Ecommerce Website Security Checklist 117 ⭐
List of considerations for commerce site auditing and security teams. This is a summary of action points and areas that need to be built into the Technical Specific Document, or will be checked in the security testing phases.
Subtake 113 ⭐
Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.
Sqli Query Tampering 121 ⭐
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Googledorker 115 ⭐
This is a simple tool to automate google dorking when doing web penetration testing or bug hunting.
Clickjacking Tester 78 ⭐
A Python script designed to check if a website is vulnerable to clickjacking and create a PoC
Codingo Bbr 164 ⭐
An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
Awesome Blockchain Bug Bounty 50 ⭐
A comprehensive curated list of available Blockchain Bug Bounty Programs.
Bucket Flaws 36 ⭐
Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Awesome Bbht 370 ⭐
A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debian.
Filter Var Sqli 26 ⭐
Bypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )
Tijme Detective 15 ⭐
A private detective that gathers information you're not supposed to know about.
Pry0cc Axiom 2455 ⭐
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
Awesome Oneliner Bugbounty 1202 ⭐
A collection of awesome one-liner scripts especially for bug bounty tips.
Rengine 3506 ⭐
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
Subdomainizer 1152 ⭐
Vajra 535 ⭐
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and the same scans for multiple targets during web application penetration testing.
Dirdar 298 ⭐
DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it
Deletescape Goop 330 ⭐
Yet another tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases.
Ppmap 283 ⭐
A scanner/exploitation tool written in Go, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
Dorkscout 156 ⭐
DorkScout - Golang tool to automate google dork scans against the entire internet or specific targets
Revsuit 201 ⭐
RevSuit is a flexible and powerful reverse connection platform designed for receiving connections from target hosts in penetration testing.
Fleex 122 ⭐
Fleex allows you to create multiple VPS on cloud providers and use them to distribute your workload.
Vulnsearch 91 ⭐
A deep look at some recon methodologies and web-application vulnerabilities of my interest where I will merge all my notes gathered from books, videos, articles and own experience with bug bounty hunting / web and network hacking
Iamlucif3r Bug Hunting 88 ⭐
A Collection of Notes, Methodologies, POCs and everything else related to Bug Hunting.
Mildew 76 ⭐
Dotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs
Sub Drill 64 ⭐
A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Viewstamped Replication Made Famous 65 ⭐
A $20k consensus challenge based on TigerBeetle's implementation of the pioneering Viewstamped Replication protocol.
Bb Legal Fr 51 ⭐
Some advice on the statutory, tax and legal obligations of practising bug bounty in France