Bug Bounty

Pentesting

Web Scanning

Vulnerability Scanning

Web Security

Git Scanner Framework

A tool for scanning websites with open .git repositories and dumping their content for Bug Hunting/Pentesting Purposes.

0

Pentesting

Web Scanning

+2

CloudBrute

A tool for discovering company infrastructure and apps on major cloud providers, beneficial for bug bounty hunters and penetration testers.

0

CloudBrute

A tool for discovering company infrastructure and apps on major cloud providers, beneficial for bug bounty hunters and penetration testers.

0

+1

Rexsser

A Burp plugin for identifying potential vulnerabilities in web applications

0

Vulnerability Scanning

Xss

Rexsser

A Burp plugin for identifying potential vulnerabilities in web applications

0

+3

Secure Coding Guidelines for Java SE

Guidelines for secure coding in Java SE to avoid bugs that could weaken security and open holes in Java's security features.

0

Secure Coding Guidelines for Java SE

Guidelines for secure coding in Java SE to avoid bugs that could weaken security and open holes in Java's security features.

0

+1

Sabotage: Code added to popular NPM package wiped files in Russia and Belarus

A developer added malicious code to a popular open-source package, wiping files on computers in Russia and Belarus as a protest.

0

Security Vulnerability

Software Security

Sabotage: Code added to popular NPM package wiped files in Russia and Belarus

A developer added malicious code to a popular open-source package, wiping files on computers in Russia and Belarus as a protest.

0

+2

Project Zero iPhone Messaging Tools

Repository of tools for testing iPhone messaging by Project Zero

0

Vulnerability Research

Project Zero iPhone Messaging Tools

Repository of tools for testing iPhone messaging by Project Zero

0

+3

Twitter's Vine Source Code Dump

A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.

0

Twitter's Vine Source Code Dump

A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.

0

Reconnaissance

Subdomain Scanning

+3

Node.js Bug Bounty Program

The Node.js Bug Bounty Program is a program aimed at identifying and fixing security vulnerabilities in the Node.js ecosystem.

0

Nodejs

Security Vulnerability

Node.js Bug Bounty Program

The Node.js Bug Bounty Program is a program aimed at identifying and fixing security vulnerabilities in the Node.js ecosystem.

0

Nodejs

Security Vulnerability

Commix-Testbed

A collection of real-world scenarios to evaluate command injection detection and exploitation abilities

0

Commix-Testbed

A collection of real-world scenarios to evaluate command injection detection and exploitation abilities

0

Appsec

Apparmor

Appsec Testing

+2

Bug Bounty Cheat Sheet

Comprehensive reference guide for bug bounty hunters with detailed information on various vulnerabilities, platforms, tools, and best practices.

0

Bug Bounty Cheat Sheet

Comprehensive reference guide for bug bounty hunters with detailed information on various vulnerabilities, platforms, tools, and best practices.

0

bounty-targets-data

A repository containing hourly-updated data dumps of bug bounty platform scopes

0

bounty-targets-data

A repository containing hourly-updated data dumps of bug bounty platform scopes

0

PortSwigger

A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.

0

Web Application Security

Web Security

PortSwigger

A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.

0

+4

0xf.at Hackits

Solve password-riddles on a website without logins or ads.

0

0xf.at Hackits

Solve password-riddles on a website without logins or ads.

0

hackxor

A platform offering hacking missions to test and enhance skills.

0

hackxor

A platform offering hacking missions to test and enhance skills.

0

+1

Hack Yourself First

Platform for users to test cybersecurity skills by exploiting vulnerabilities.

0

Hack Yourself First

Platform for users to test cybersecurity skills by exploiting vulnerabilities.

0

Ctf

Hacking

+3

Hacksplaining

Comprehensive security training platform for web developers, offering hands-on experience with real, vulnerable applications and concrete advice for securing code.

0

Hacksplaining

Comprehensive security training platform for web developers, offering hands-on experience with real, vulnerable applications and concrete advice for securing code.

0

+3

rdppot

RDP based Honeypot that creates virtual machines for incoming connections and analyzes traffic with Suricata.

0

rdppot

RDP based Honeypot that creates virtual machines for incoming connections and analyzes traffic with Suricata.

0

+2

HonnyPotter

HonnyPotter is a WordPress plugin that logs all failed login attempts, with a caution to use it at your own risk.

0

HonnyPotter

HonnyPotter is a WordPress plugin that logs all failed login attempts, with a caution to use it at your own risk.

0

+2

damnvulnerable.me

A deliberately vulnerable modern day app with lots of DOM related bugs

0

damnvulnerable.me

A deliberately vulnerable modern day app with lots of DOM related bugs

0

+4

Weakpass

A comprehensive collection of wordlists for bruteforcing and password cracking, covering various hashing algorithms and sizes.

0

Weakpass

A comprehensive collection of wordlists for bruteforcing and password cracking, covering various hashing algorithms and sizes.

0

+2

bWAPP

A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.

0

Web Application Security

Web Security

bWAPP

A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.

0

Appsec