A comprehensive list of bug bounty write-ups categorized by the nature of the bug, providing valuable insights for bug bounty hunters to gain knowledge on exploiting various vulnerabilities such as XSSI, XSS, SQLi, XXE, RCE, Deserialization, Image Tragick, and Cross-Site Request Forgery (CSRF).
FEATURES
SIMILAR TOOLS
Automate the search for Exploits and Vulnerabilities in important databases.
Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.
A vulnerability remediation platform that consolidates security findings, prioritizes risks using AI, and automates remediation workflows across cloud and application environments.
Automate version scraping and vulnerability scanning for Ruby on Rails stacks.
A search engine for the Internet of Things (IoT) that provides real-time information about connected devices.
A local privilege escalation vulnerability in the Linux kernel known for its catchy name and potential damages.
A repository of open-source plugins for Rapid7 InsightConnect
OpenVAS is an open-source vulnerability scanner that provides extensive testing capabilities for identifying security weaknesses in networks and systems.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.