Tips and Tutorials for Bug Bounty and also Penetration Tests.

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

BugBounty_CheatSheet

A curated list of available Bug Bounty & Disclosure Programs and Write-ups.

These Repositories About My Recon Methodology To Give Some Idea For Other Hunter How To Do Recon

Juniper Firewalls CVE-2023-36845 - RCE

Bug Bounty Testing Essential Guideline : Startup Bug Hunters

FourOhMe is a tool for testing HTTP headers on a website in order to try to bypass 40* HTTP codes. Written in Go, so easy to install and fast out of the box.

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Online tips and explain the commands, for the better understanding of new hunters..

Automate Nuclei scans and streamline bug hunting workflows

Infosec writeups, Bug bounty tips, Tweets & Many more that are picked from around the world || I personally use it || I try to mend it daily. So, stay tuned and learn something

HuntersEye is designed for Bug Bounty Hunters, and Security Researchers to monitor new subdomains and certificates for specified domains. The primary goal is to streamline and expedite the process of monitoring newly registered subdomains and SSL certificates related to specified target domains.

Pointer is a Fast Simple Lightweight Tool for Endpoint Discovery.

CVE-2022-40297 - Proof of Concept: Privilege escalation in Ubuntu Touch 16.04 - by PIN Bruteforce

OneLiner

Bug bounty Report/ CVS and buig bounty tips

Scripts for hunting bugs.

A list of Penetration Testing on Web application security