A comprehensive list of bug bounty write-ups categorized by the nature of the bug, providing valuable insights for bug bounty hunters to gain knowledge on exploiting various vulnerabilities such as XSSI, XSS, SQLi, XXE, RCE, Deserialization, Image Tragick, and Cross-Site Request Forgery (CSRF).
FEATURES
SIMILAR TOOLS
Nmap is an essential network scanning tool used for network security auditing and status monitoring.
An AI-powered Google Dorking tool that helps create effective search queries to uncover sensitive information on the internet.
An OSINT tool that generates username lists for companies on LinkedIn for social engineering attacks or security testing purposes.
Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.
Web inventory tool that captures screenshots of webpages and includes additional features for enhanced usability.
LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.
A LinkedIn reconnaissance tool for gathering information about companies and individuals on the platform.
Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.