⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

GT (Great Tit) is a portable debugging tool for bug hunting and performance tuning on smartphones anytime and anywhere just as listening music with Walkman. GT can act as the Integrated Debug Environment by directly running on smartphones.

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

An step by step fuzzing tutorial. A GitHub Security Lab initiative

Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

This is a resource factory for anyone looking forward to starting bug hunting and would require guidance as a beginner.

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

Ressources for bug bounty hunting

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

AI-powered bug bounty hunting from your terminal - recon, 20 vuln classes, autonomous hunting, and report generation. All inside Claude Code.

A collection of one-liners for bug bounty hunting.

A repository that includes all the important wordlists used while bug hunting.

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

An advanced AI-driven vulnerability scanner and penetration testing tool that integrates multiple AI providers (OpenAI, Grok, OLLAMA, Claude) with comprehensive security testing modules for automated bug hunting, intelligent payload generation, and professional reporting.

1337 Wordlists for Bug Bounty Hunting

Beginner Guide to Bug Hunting

A Modern Framework for Bug Bounty Hunting

Bug Bounty Hunting Framework Designed to Help Beginners Compete w/ the Pros

Web App bug hunting

SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.

An automated approach to performing recon for bug bounty hunting and penetration testing.

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

Bug Bounty Methodology 2025: Tools, techniques, and steps to guide you through reconnaissance, enumeration, and testing.

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

abyss - augmentation of Hexrays decompiler output

No description available

This repo contains the code for my secure code review challenges. People used this as the primary resource to pass FAANG AppSec interviews 😉

My Private Bug Hunting Methodology

XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.