A collection of notes for bug bounty hunting

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Nice list of google dorks for SQL injection

🌌️Fuzz4All: Universal Fuzzing with Large Language Models

Some files for bruteforcing certain things.

EndExt is a .go tool for extracting all the possible endpoints from the JS files

GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep

Rockyou for web fuzzing

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

Scanning APK file for URIs, endpoints & secrets.

Quickly discover exposed hosts on the internet using multiple search engines.

Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.

Community curated list of templates for the nuclei engine to find security vulnerabilities.

how to look for Leaked Credentials !

A subdomain fuzzing tool

This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

game of active directory

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

Parse OpenAPI specifications, previously known as Swagger specifications, into the BurpSuite for automating RESTful API testing – approved by Burp for inclusion in their official BApp Store.

📲 ChatGPT Android demonstrates a Chatbot application using OpenAI's chat API on Android with Stream Chat SDK for Compose.

Tool to bypass 403/40X response codes.

iOS platform security & anti-tampering Swift library

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

bash script for Subdomain Enumeration

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

Set of useful android network tools

Find, verify, and analyze leaked credentials