Practical Bug Bounty
Home
Bug Bounty Course
Knowledge Base
Resources
Challenges
Platforms
Programs
Philosophy
Contribute
Community
About
Contact
Bug Bounty Resources
Discover Blog Posts, Articles, Repositories, Videos, HackerOne Reports.
Search
Resource Types
Blog Post
10
GitHub Repository
305
Article
172
Video
17
HackerOne Report
11965
Tags
hacktoberfest
24
security
12
bugbounty
7
security-tools
7
hacking
6
enumeration
5
reconnaissance
5
pentest
5
golang
4
recon
4
pentesting
4
golang
4
go
3
secret
3
rust
2
ctf
2
scanning
2
osint
2
security-scanner
2
dns-bruteforcer
2
cli
2
port-enumeration
2
secrets
2
portscanner
2
hacking-tool
2
devsecops
2
sql-injection
2
vulnerability
2
offensive-security
2
git
2
dns-resolution
2
information-retrieval
2
url-bruteforcer
2
nmap
2
pentesting-tool
1
redteam
1
files
1
dirbuster
1
dirb
1
dictionaries
1
bruteforce
1
bruteforce-wordlist
1
web-content-scanner
1
auditing
1
crawler
1
crawling
1
endpoints
1
endpoint-discovery
1
gau
1
wayback-machine
1
alienvault
1
parser
1
goquery
1
extract
1
urls
1
payloads
1
fuzz
1
vulnerability-detection
1
exploitation
1
vulnerability-scanner
1
bugbounty-tool
1
lfi
1
lfi-exploitation
1
reverse-shell
1
local-file-inclusion
1
hac
1
graphql
1
nosql-injection
1
graphql-injection
1
capture-the-flag
1
ssrf
1
server-side-request-forgery
1
ssrfmap
1
redis
1
nosql
1
nosql-databases
1
security-toolset
1
databases
1
mongodb
1
couchdb
1
mongodb-database
1
payload
1
xxe
1
dtd
1
cheatsheet
1
gitleaks
1
trufflehog
1
credentials
1
dynamic-analysis
1
verification
1
secret-management
1
precommit
1
git-hooks
1
scans
1
husky
1
potential-secrets
1
pre-commit
1
pre-push
1
secrets-detection
1
subdomain-takeover
1
cve-scanner
1
nuclei-engine
1
vulnerability-assessment
1
web-application
1
asset-finder
1
secret-keys
1
scraper
1
zap
1
zap-development
1
dast
1
zaproxy
1
bypass
1
bounty
1
methodology
1
privilege-escalation
1
bounty-hunting
1
recon-tool
1
content-security-policy
1
csp
1
offensivesecurity
1
dns
1
information-gathering
1
dns-resolver
1
dns-client
1
massdns
1
subdomain-scanner
1
subdomains-enumeration
1
scanner
1
infosec
1
subdomain-bruteforcing
1
pentest-tool
1
wildcard-filtering
1
dns-records
1
security-audit
1
web-application-security
1
network
1
dns-enumeration
1
directories-enumeration
1
attack-surface
1
cybersecurity
1
port
1
networking
1
docker
1
scan-ports
1
cdn-exclusion
1
web
1
appsec
1
javascript
1
http
1
ssl-certificate
1
pipeline
1
lib
1
content-discovery
1
Clear Filters
liffy
Local file inclusion exploitation tool
mzfr
GraphQLmap
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do …
swisskyrepo
SSRFmap
Automatic SSRF fuzzer and exploitation tool
swisskyrepo
NoSQLMap
Automated NoSQL database enumeration and web application exploitation tool.
codingo
dtd-finder
List DTDs and generate XXE payloads using those local DTDs.
GoSecure
gitleaks
Protect and discover secrets using Gitleaks 🔑
gitleaks
trufflehog
Find and verify credentials
trufflesecurity
talisman
Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious …
thoughtworks
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
projectdiscovery
metasploit-framework
Metasploit Framework
rapid7
2 / 3