A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
A Workflow Engine for Offensive Security
A Security Tool for Bug Bounty, Pentest and Red Teaming.
Subdomain Takeover tool written in Go
OSINT tools and more but without API key
A Powerful Subdomain Takeover Tool
crawls the website and finds broken social media links that can be hijacked
Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/or bug bounty targets!
A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact directly with the target but instead gathers data that is already publicly available.
Yet another tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases.
RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.
A fast WordPress plugin enumeration tool
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
Gotator is a tool to generate DNS wordlists through permutations.
ExifLooter finds geolocation on all image urls and directories also integrates with OpenStreetMap
DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it
Little Bug Bounty & Hacking Tools⚔️
Fleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.
DorkScout - Golang tool to automate google dork scan against the entiere internet or specific targets
Hawkeye filesystem analysis tool