bug-bounty-reference

Vulnerability reference

A curated list of publicly disclosed bug bounty write-ups organized by vulnerability type

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

GitHub

4k stars
240 watching
989 forks
last commit: 4 months ago
Linked from 5 awesome lists


Backlinks from these awesome lists:

Related projects:

Repository Description Stars
daffainfo/allaboutbugbounty A comprehensive collection of bug bounty notes and research findings on various vulnerabilities, bypass techniques, and web attacks. 5,891
edoverflow/bugbounty-cheatsheet A comprehensive resource for bug bounty hunters and security professionals. 5,962
arkadiyt/bounty-targets-data Data dump of domain eligibility for bug bounty platforms 3,167
tikam02/bug-bounty-resources A comprehensive collection of resources and articles on bug bounty hunting, security research, and vulnerability disclosure. 64
anlominus/bug-bounty A collection of curated resources and tools for bug bounty hunting and penetration testing 384
nahamsec/resources-for-beginner-bug-bounty-hunters A curated collection of resources for learning web hacking and bug bounty hunting 10,791
git-bug/git-bug A distributed, offline-first bug tracker embedded in git that allows collaborative development without vendor lock-in. 8,148
disclose/bug-bounty-platforms A community-driven directory of platforms facilitating vulnerability disclosure and bug bounty programs. 644
find-sec-bugs/find-sec-bugs A plugin for static analysis of Java web applications and Android applications to identify potential security vulnerabilities. 2,286
payloadbox/xss-payload-list A collection of scripts and payloads designed to exploit Cross-Site Scripting (XSS) vulnerabilities in web applications. 6,437
payloadbox/sql-injection-payload-list Provides a comprehensive list of SQL injection payloads and techniques 5,022
fuzzdb-project/fuzzdb A comprehensive toolset for identifying and exploiting application vulnerabilities through dynamic testing 8,265
r0oth3x49/ghauri Automates detection and exploitation of SQL injection security flaws using a cross-platform tool. 3,130
streaak/keyhacks A repository providing quick ways to validate API keys found on bug bounty programs or pentests. 5,118
zhangzhuosjtu/web3bugs Analyzing and categorizing exploitable bugs in smart contracts to improve vulnerability detection techniques 1,547