Web path scanner
A list of resources for those interested in getting started in bug bounties
A Security Tool for Bug Bounty, Pentest and Red Teaming.
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
This challenge is Inon Shkedy's 31 days API Security Tips.
Subdomain Takeover tool written in Go
Burp Bounty (Scan Check Builder in BApp Store) is an extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
A collection of one-liners for bug bounty hunting.
Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos and orgs.
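GitHound pinpoints exposed API keys on GitHub using pattern matching, commit history searching, and a unique result scoring system. A batch-catching, pattern-matching, patch-attacking secret snatcher.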
🦄 🦄 🦄 Peripheral smart contracts for interacting with Uniswap v3
BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔
Vajra is a highly customizable, target- and scope-based automated web hacking framework that automates boring recon tasks and runs the same scans across multiple targets during web application penetration testing.
Simple Python script, supported by a Burp Bounty profile, that helps you detect error-based SQL injection by sending multiple requests with 14 payloads and checking for 152 regex patterns for differe...
📦 An independent package manager that every hacker deserves.
A CLI utility to find a domain's known URLs from curated passive online sources.
Crawls the website and finds broken social media links that can be hijacked.