spongyb Goto Github PK

kingofbugbountytips

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..

kiterunner

Contextual Content Discovery Tool

learn365

The purpose of #Learn365 collection is to create informational content in multiple codecs and share with the community to allow knowledge advent and studying.

linkfinder

A python script that finds endpoints in JavaScript files

log4j-detect

Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading

log4j-scanner

Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth.

log4j2scan

Log4j2 RCE Passive Scanner plugin for BurpSuite

logmepwn

A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.

msdnsscan

MayorSec DNS Enumeration Tool

naabu

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

oh365userfinder

Python3 o365 User Enumeration Tool

onelistforall

Rockyou for web fuzzing

openbb-scope

OpenBugBounty - https://www.openbugbounty.org/ programs list

osmedeus

A Workflow Engine for Offensive Security

paramspider

Mining parameters from dark corners of Web Archives

plution

Prototype pollution scanner using headless chrome

project-morya

Project Morya is just a collection of bash scripts that runs iteratively to carry out various tools and recon process & store output in an organized way

proto-find

Let's check if your target is vulnerable for client side prototype pollution.

protoscan

Prototype Pollution Scanner

recon_profile

reconaizer

A Burp Suite extension to add OpenAI to Burp to help you with your Bug Bounty recon!

reconator

Automated Recon for Pentesting & Bug Bounty

reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

rengine

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

s3-buckets-aio-pwn

An AIO Tool to check for Vulnerable Amazon S3 Buckets as part of Bug Bounty, the uniqueness of this tool is that it can take a file full of buckets, and check all of them with various attack scenarios if they are vulnerable

s3scanner

Scan for open S3 buckets and dump the contents

scant3r

ScanT3r - Module based Bug Bounty Automation Tool

slurp

The original slurp source

slurp-1

A blazing fast & feature rich Amazon S3 bucket enumerator.

sn1per

Attack Surface Management Platform | Sn1perSecurity LLC