Reconky – A Great Content Discovery Bash Script For Bug Bounty Hunters Which Automate Lot Of Task And Organized It

Reconky is a script written in bash to automate the task of recon and information gathering.This Bash Script allows you to collect some information that will help you identify what to do next and where to look for the required target. Usage ./reconky.sh <domain.com> Main-Features It will Gathers Subdomains with assetfinder and Sublist3r Duplex checkRead More

Keyhacks – A Repository Which Shows Quick Ways In Which API Keys Leaked By A Bug Bounty Program Can Be Checked To See If They’Re Valid

KeyHacks shows ways in which particular API keys found on a Bug Bounty Program can be used, to check if they are valid. @Gwen001 has scripted the entire process available here and it can be found here Table of Contents ABTasty API Key Algolia API key Amplitude API Keys Asana Access token AWS Access KeyRead More

BugBountyScanner – A Bash Script And Docker Image For Bug Bounty Reconnaissance

A Bash script and Docker image for Bug Bounty reconnaissance, intended for headless use. Low on resources, high on information output. Helpful? BugBountyScanner helped you net a bounty? Description Note: Using the script over a VPN is highly recommended. It’s recommended to run BugBountyScanner from a server (VPS or home server), and not from yourRead More

JSFScan.sh – Automation For Javascript Recon In Bug Bounty

Blog can be found at https://medium.com/@patelkathan22/beginners-guide-on-how-you-can-use-javascript-in-bugbounty-492f6eb1f9ea?sk=21500dc4288281c7e6ed2315943269e7 Script made for all your javascript recon automation in bugbounty. Just pass subdomain list to it and options according to your preference. Features 1 – Gather Jsfile Links from different sources.2 – Import File Containing JSUrls3 – Extract Endpoints from Jsfiles4 – Find Secrets from Jsfiles5 – Get JsfilesRead More

PCWT – A Web Application That Makes It Easy To Run Your Pentest And Bug Bounty Projects

A web application that makes it easy to run your pentest and bug bounty projects. Description The app provides a convenient web interface for working with various types of files that are used during the pentest, automate port scan and subdomain search. Main page   Project settings Domains dashboard   Port scan You can scanRead More

Bbrecon – Python Library And CLI For The Bug Bounty Recon API

Bug Bounty Recon (bbrecon) is a free Recon-as-a-Service for bug bounty hunters and security researchers. The API aims to provide a continuously up-to-date map of the Internet “safe harbor” attack surface, excluding out-of-scope targets.It comes with an ergonomic CLI and Python library.This repository holds the CLI and Python library. Please see the website for moreRead More

Quiver – Tool To Manage All Of Your Tools For Bug Bounty Hunting And Penetration Testing

Quiver is the tool to manage all of your tools. It’s an opinionated and curated collection of commands, notes and scripts for bug bounty hunting and penetration testing. Features ZSH / Oh-My-ZSH shell plugin Tab auto-completion Global variables Prefills the command line, doesn’t hide commands from you Built-in logbook for on-the-fly notes, saving commands RendersRead More

Axiom – A Dynamic Infrastructure Toolkit For Red Teamers And Bug Bounty Hunters!

Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty and pentesting. Axiom right now is perfect for teams as small as one person, without costing you much at all to run. And by not much to run at all, I mean, less than 5 bucks a monthRead More

Needle – Instant Access To You Bug Bounty Submission Dashboard On Various Platforms + Publicly Disclosed Reports + #Bugbountytip

Chrome extension for Instant access to your bug bounty submission dashboard of various platforms + publicly disclosed reports + #bugbountytip Needle is the only chrome extension you may need to have one click access to your bug submissions across various platforms. No need to create any bookmark, type on the url bar and have fussRead More

X