Practical Bug Bounty
Home
Bug Bounty Course
Knowledge Base
Resources
Challenges
Platforms
Programs
Philosophy
Contribute
Community
About
Contact
Bug Bounty Resources
Discover Blog Posts, Articles, Repositories, Videos, HackerOne Reports.
Search
Resource Types
Blog Post
10
GitHub Repository
305
Article
172
Video
17
HackerOne Report
11965
Tags
security
58
security-tools
20
bugbounty
17
penetration-testing
15
hacking
12
hacktoberfest
12
pentesting
11
golang
11
infosec
11
reconnaissance
9
osint
8
scanner
7
recon
7
enumeration
7
secrets
7
security-scanner
6
secrets-detection
5
devsecops
5
hacking-tool
5
bug-bounty
4
go
4
web
4
appsec
4
xss
3
rust
3
chrome-extension
3
python
3
chrome
3
pentest-tool
3
redteam
3
secret
3
scanning
3
credentials
3
fuzzer
3
github-api
3
pentest
3
awesome
2
secret-management
2
owasp
2
list
2
vulnerability
2
awesome-list
2
pentesting-tools
2
security-vulnerability
2
vulnerability-detection
2
attack-surface
2
ruby
2
penetration-testing-tools
2
bugbounty-tool
2
hacking-tools
2
firefox-extension
2
s3
2
aws
2
nmap
2
security-audit
2
penetration-test
2
tool
2
information-gathering
2
web-application-security
2
fuzzing
2
wordlist
2
subdomain-takeover
2
xss-detection
2
bug
2
oscp
2
chrome-headless
2
chromium
2
screenshots
2
blueteam
2
crawler
2
crawling
2
offensive-security
2
headless-chrome
2
git
2
trufflehog
2
information-retrieval
2
subdomain
2
endpoints
1
endpoint-discovery
1
gau
1
wayback-machine
1
alienvault
1
parser
1
payloads
1
fuzz
1
api
1
automation
1
rails
1
exploitation
1
vulnerability-scanner
1
takeover
1
ethical-hacking
1
traversal
1
lfi
1
rfi
1
directory-traversal
1
path-traversal
1
web-security
1
file-include
1
lfi-shells
1
lfi-vulnerability
1
inclusion
1
directory-traversal-vulnerability
1
graphql
1
nosql-injection
1
pentest-tools
1
race-conditions
1
devops-tools
1
sqlmap
1
nosql
1
mongodb
1
sqlmapapi
1
autoscan
1
sqlmap-webui
1
security-automation
1
sqlinjection
1
xss-scanner
1
xss-exploit
1
xss-bruteforce
1
payload
1
cicd-pipeline
1
bugbountytips
1
browser-extension
1
firefox
1
firefox-addon
1
bxss
1
cross-site-scripting
1
xxe
1
dtd
1
cheatsheet
1
default-creds
1
gitleaks
1
dynamic-analysis
1
verification
1
precommit
1
leaks
1
fuzzy-matching
1
sensitive-data-exposure
1
gists
1
gist-search
1
github
1
serverless
1
cyint
1
secrets-management
1
passwords
1
secrets-scan
1
lint
1
linter
1
structured-data
1
structured-text
1
yaml-parser
1
json-parser
1
xml-parser
1
security-compliance
1
hardcoded
1
yar
1
s3-bucket
1
utility
1
plugins
1
amazon-s3
1
amazon-s3-bucket
1
amazon-web-services
1
extensions
1
bounty-hunters
1
bounty-hunting-tools
1
tools
1
wordpress
1
wpscan
1
wpvulndb
1
jwt-authentication
1
cracker
1
jwt
1
testing-tools
1
cracking
1
payload-generator
1
hostile
1
subdomain-takeovers
1
wordlist-generator
1
mapping
1
cve-scanner
1
nuclei-engine
1
vulnerability-assessment
1
sn1per
1
sn1per-professional
1
bugbounty-platform
1
pentest-scripts
1
osint-tool
1
osint-framework
1
attacksurface
1
attack-surface-management
1
web-application
1
asset-finder
1
secret-keys
1
scraper
1
zap
1
zap-development
1
dast
1
zaproxy
1
bypass
1
bounty
1
methodology
1
privilege-escalation
1
android
1
vulnerable
1
vulnerable-applications
1
bounty-hunting
1
recon-tool
1
content-security-policy
1
csp
1
offensivesecurity
1
network-security
1
attack-surfaces
1
subdomain-scanner
1
subdomains-enumeration
1
kali-linux
1
subdomains
1
scan
1
virtual-hosts
1
discovery-service
1
virtual-host
1
vhost
1
vhosts
1
hackthebox
1
ctf-tools
1
reverse-lookups
1
network
1
portscanner
1
dns-enumeration
1
port-enumeration
1
directories-enumeration
1
cybersecurity
1
footprinting
1
port
1
networking
1
docker
1
c-plus-plus
1
lua
1
port-scanner
1
machine-learning
1
linux
1
windows
1
osx
1
network-discovery
1
service-discovery
1
asynchronous
1
socket
1
libpcap
1
pcre
1
netcat
1
ping
1
headless
1
screenshot
1
reporting
1
gowitness
1
fingerprint
1
technologies
1
web-inventory
1
python3
1
wappalyzer
1
application-security
1
web-hacking
1
vulnerabilities
1
grunt-plugins
1
javascript
1
vulnerable-libraries
1
insecure-libraries
1
build-tool
1
software-composition-analysis
1
sbom
1
sbom-generator
1
sbom-tool
1
pipeline
1
content-discovery
1
url-bruteforcer
1
dirsearch
1
brute
1
red-teaming
1
perl
1
brute-force
1
dirbuster
1
dirb
1
dictionaries
1
bruteforce
1
bruteforce-wordlist
1
web-content-scanner
1
auditing
1
Clear Filters
trufflehog
Find and verify credentials
trufflesecurity
GitGot
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for …
BishopFox
gitrob
Reconnaissance tool for GitHub organizations
michenriksen
repo-supervisor
Scan your code for security misconfiguration, search for passwords and secrets. :mag:
auth0
shhgit
Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repos…
eth0izzle
whispers
Identify hardcoded secrets in static structured text
Skyscanner
yar
Yar is a tool for plunderin' organizations, users and/or repositories.
nielsing
secret-bridge
Monitors Github for leaked secrets
duo-labs
noseyparker
Nosey Parker is a command-line program that finds secrets and sensitive information in textual data…
praetorian-inc
git-dumper
A tool to dump a git repository from a website
arthaud
4 / 6