bug-bounty-reference
Vulnerability reference
A curated list of publicly disclosed bug bounty write-ups organized by vulnerability type
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
4k stars
239 watching
989 forks
last commit: 4 months ago
Linked from 5 awesome lists
hack-with-github/awesome-hacking
qazbnm456/awesome-web-security
coreb1t/awesome-pentest-cheat-sheets
bytesnipers/awesome-pentest-cheat-sheets
netanmangal/awesome-hackingRelated projects:
| Repository | Description | Stars |
|---|---|---|
 daffainfo/allaboutbugbounty | A comprehensive collection of bug bounty notes and research findings on various vulnerabilities, bypass techniques, and web attacks. | 5,855 |
 edoverflow/bugbounty-cheatsheet | A comprehensive resource for bug bounty hunters and security professionals. | 5,938 |
 arkadiyt/bounty-targets-data | An hourly-updated repository providing raw data on eligible domains for bug bounty reports. | 3,156 |
 tikam02/bug-bounty-resources | A comprehensive collection of resources and articles on bug bounty hunting, security research, and vulnerability disclosure. | 64 |
 anlominus/bug-bounty | A collection of curated resources and tools for bug bounty hunting and penetration testing | 377 |
 nahamsec/resources-for-beginner-bug-bounty-hunters | A curated collection of resources for learning web hacking and bug bounty hunting | 10,763 |
 git-bug/git-bug | A distributed, offline-first bug tracker embedded in git that allows collaborative development without vendor lock-in. | 8,148 |
 disclose/bug-bounty-platforms | A community-driven directory of platforms facilitating vulnerability disclosure and bug bounty programs. | 634 |
 find-sec-bugs/find-sec-bugs | A plugin for static analysis of Java web applications and Android applications to identify potential security vulnerabilities. | 2,283 |
 payloadbox/xss-payload-list | A collection of scripts and payloads designed to exploit Cross-Site Scripting (XSS) vulnerabilities in web applications. | 6,366 |
| payloadbox/sql-injection-payload-list | Provides a comprehensive list of SQL injection payloads and techniques | 5,000 |
 fuzzdb-project/fuzzdb | A comprehensive toolset for identifying and exploiting application vulnerabilities through dynamic testing | 8,242 |
 r0oth3x49/ghauri | Automates detection and exploitation of SQL injection security flaws using a cross-platform tool. | 3,114 |
 streaak/keyhacks | A repository providing quick ways to validate API keys found on bug bounty programs or pentests. | 5,099 |
 zhangzhuosjtu/web3bugs | Analyzing and categorizing exploitable bugs in smart contracts to improve vulnerability detection techniques | 1,544 |