Bug Bounty
Explore 40 curated cybersecurity tools, with 14,275 visitors searching for solutions
FEATURED
Online platform offering 700+ hands-on web security exercises and training
Online platform offering 700+ hands-on web security exercises and training
Managed VDP platform for secure vulnerability reporting and triage
Managed VDP platform for secure vulnerability reporting and triage
Platform for managing offensive security tests including pentests and bug bounties
Platform for managing offensive security tests including pentests and bug bounties
Generates test cases by injecting known bugs into code for testing DevSecOps.
Generates test cases by injecting known bugs into code for testing DevSecOps.
Platform for on-demand pentests & bug bounties via vetted security researchers
Platform for on-demand pentests & bug bounties via vetted security researchers
Human-driven vuln discovery & assessment with patch verification
Human-driven vuln discovery & assessment with patch verification
Platform for responsible disclosure of security vulnerabilities
Platform for responsible disclosure of security vulnerabilities
Managed vulnerability disclosure program with triage and researcher coordination
Managed vulnerability disclosure program with triage and researcher coordination
Continuous penetration testing platform with managed security researchers
Continuous penetration testing platform with managed security researchers
Scans repositories for exposed secrets, API keys, and credentials for bug bounty
Scans repositories for exposed secrets, API keys, and credentials for bug bounty
MCP server enabling AI agents to autonomously run 150+ security tools
MCP server enabling AI agents to autonomously run 150+ security tools
A web-based payload repository that generates and encodes ready-to-use exploits for SQL injection, XSS, file inclusion, and command injection vulnerabilities.
A web-based payload repository that generates and encodes ready-to-use exploits for SQL injection, XSS, file inclusion, and command injection vulnerabilities.
SecTemplates provides free security program templates, runbooks, and documentation resources for information security professionals and engineering teams.
SecTemplates provides free security program templates, runbooks, and documentation resources for information security professionals and engineering teams.
A fast and reliable port scanner written in Go, designed for attack surface discovery in bug bounties and penetration testing.
A fast and reliable port scanner written in Go, designed for attack surface discovery in bug bounties and penetration testing.
Educational repository containing materials on advanced subdomain enumeration techniques from Bugcrowd LevelUp 2017 conference.
Educational repository containing materials on advanced subdomain enumeration techniques from Bugcrowd LevelUp 2017 conference.
A format conversion tool for S3 buckets designed to assist bug bounty hunters and security testers in standardizing bucket data during reconnaissance activities.
A format conversion tool for S3 buckets designed to assist bug bounty hunters and security testers in standardizing bucket data during reconnaissance activities.
A subdomain enumeration tool for bug hunting and pentesting
A company that helps organizations create security-aware teams and produce bug-free software.
A company that helps organizations create security-aware teams and produce bug-free software.
A Python tool that mines URLs from web archives to assist security researchers in discovering potential attack surfaces for bug hunting and vulnerability assessment.
A Python tool that mines URLs from web archives to assist security researchers in discovering potential attack surfaces for bug hunting and vulnerability assessment.
A fast web crawler for discovering endpoints and assets within web applications during security reconnaissance.
A fast web crawler for discovering endpoints and assets within web applications during security reconnaissance.
A bash-based framework for discovering and extracting exposed .git repositories from web servers during penetration testing and bug bounty activities.
A bash-based framework for discovering and extracting exposed .git repositories from web servers during penetration testing and bug bounty activities.
A black-box reconnaissance tool that discovers cloud infrastructure, files, and applications across major cloud providers for security testing purposes.
A black-box reconnaissance tool that discovers cloud infrastructure, files, and applications across major cloud providers for security testing purposes.
Guidelines for secure coding in Java SE to avoid bugs that could weaken security and open holes in Java's security features.
Guidelines for secure coding in Java SE to avoid bugs that could weaken security and open holes in Java's security features.
A developer added malicious code to a popular open-source package, wiping files on computers in Russia and Belarus as a protest.
A developer added malicious code to a popular open-source package, wiping files on computers in Russia and Belarus as a protest.
