reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

A living document for penetration testing and offensive security.

A community-driven OWASP Foundation project building open-source tools for vulnerability reporting, bug tracking, security automation & contributor engagement.

The First Open Source Bug Bounty Platform

A Django web application for curating Bug Bounty educational Videos

Simple API for storing all incoming XSS requests and various XSS templates.

Free XP on bug bounty, vulnerability scanning by wrapping well maintained tools, to perform automated tests. Alongside AI agents for binary analysis, which includes connecting to external Android or emulator to perform dynamic analysis.

A comprehensive browser extension designed for authorized security testing and penetration testing activities. CyberInject provides quick access to common security payloads across multiple vulnerability categories.

Discover hidden information on the web with "Elite Google Dorks Search by Biscuit." This collection offers smart and improved Google search queries to help you find data and vulnerabilities more easily. Perfect for anyone interested in cybersecurity, it makes searching more effective and efficient.

Lightweight OSINT reconnaissance tool with web UI for bug bounty hunters and pentesters

A collection of subdomains to help ethical hackers and security researchers

This repository documents my path from cybersecurity enthusiast to a skilled bug bounty hunter. Here, I share the tools, resources, techniques, and real-world insights I've gathered along the way, aimed at uncovering vulnerabilities and improving application security.

The raport about discovered bug in Google reCAPTCHA

¡Bienvenido a Bug Bounty Labs! 🚀 Una plataforma profesional de laboratorios vulnerables para dominar la seguridad web y el bug bounty hunting.

A professional, real-time reconnaissance dashboard for automated subdomain enumeration, DNS validation, and live host tracking using subfinder, amass, and httpx.

HTTP viewer for Burp Suite Community Edition · Open XML exports, filter by host/method/status, analyze requests with syntax highlighting, generate cURL in one click · Single HTML file, 100% offline, zero dependencies · FR/EN

I Jailbroke Claude Opus/Sonnet 4.6 & Haiku 4.5 with "more+"

Pink Sock is a Brave browser extension that analyzes web pages for improper sandboxing of iframes and other related security vulnerabilities

Bug bounty reports generator

A comprehensive collection of 100 essential commands for ethical hacking and bug bounty hunting. This arsenal covers various aspects of security testing, including domain enumeration, vulnerability scanning, and more.