Bug Bounty Security Tools

Browse Cybersecurity Tools in this category

24 InfoSec Tools

jwtauditor

jwtauditor

by dr34mhacks

JWT Auditor – Analyze, break, and understand your tokens like a pro.

jwt jwt-auth jwt-hacking
Jul 16, 2025
xurlfind3r

xurlfind3r

by hueristiq

A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact directly with the target but instead gathers data that is already publicly available.

bug-bounty bug-bounty-tools contentdiscovery
Jun 30, 2025
Nuclei-AI-Prompts

Nuclei-AI-Prompts

by reewardius

Nuclei-AI-Prompts

security tool
Jun 24, 2025
BugBountyScanner

BugBountyScanner

by chvancooten

A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.

bug-bounty-reconnaissance bugbounty docker-image
Jun 24, 2025
unfurl

unfurl

by tomnomnom

Pull out bits of URLs provided on stdin

security tool
Jun 18, 2025
http-request-smuggling

http-request-smuggling

by anshumanpattnaik

HTTP Request Smuggling Detection Tool

blackhat chunked-encoding content-length
Jun 18, 2025
clairvoyance

clairvoyance

by nikitastupin

Obtain GraphQL API schema even if the introspection is disabled

bug-bounty graphql penetration-testing
Jun 18, 2025
ZoomeyeSearch

ZoomeyeSearch

by RevoltSecurities

A powerful CLI tool that uses ZoomEye to search exposed services, gather intelligence, and automate reconnaissance.

security tool
Jun 15, 2025
NucleiPrompt

NucleiPrompt

by AryaSec1337

Nuclei Prompt Scanner adalah tools berbasis Python yang memanfaatkan Nuclei dan AI Prompting untuk melakukan pemindaian kerentanan pada web target berdasarkan kategori OWASP dan lainnya, dengan antarmuka interaktif berbasis CLI (command-line).

security
Jun 14, 2025
altdns

altdns

by infosec-au

Generates permutations, alterations and mutations of subdomains and then resolves them

security tool
Jun 08, 2025
awesome-bugbounty-builder

awesome-bugbounty-builder

by 0xJin

Awesome Bug bounty builder Project

security tool
Jun 06, 2025
awesome-oneliner-bugbounty

awesome-oneliner-bugbounty

by dwisiswant0

A collection of awesome one-liner scripts especially for bug bounty tips.

awesome bash bug-bounty
Jun 06, 2025
burp_bug_finder

burp_bug_finder

by lucsemassa

Automatic Bug finder with buprsuite

security tool
Jun 04, 2025
apidetector

apidetector

by brinhosa

APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing.

security tool
Jun 04, 2025
Recon-Search-Assistant

Recon-Search-Assistant

by Boopath1

A powerful and intuitive web-based search engine designed specifically for bug bounty hunters and security researchers. This tool provides quick access to various Google dorks and specialized searches to help identify potential security vulnerabilities and gather information about target domains.

security
Jun 04, 2025
urlF

urlF

by Boopath1

My script stands out by preserving the structure of duplicate URLs and handling complex query parameters, unlike standard tools that only filter alphabetically or deduplicate.

security
Jun 04, 2025
ipsourcebypass

ipsourcebypass

by p0dalirius

This Python script can be used to bypass IP source restrictions using HTTP headers.

bugbounty bypass headers
Jun 01, 2025
InterceptSuite

InterceptSuite

by Anof-cyber

A powerful SOCKS5 proxy based network traffic interception tool for Windows that enables TLS/SSL inspection, analysis, and manipulation at the network level.

cybersecurity interceptor network-analysis
Jun 01, 2025
osmedeus

osmedeus

by j3ssie

A Workflow Engine for Offensive Security

attack-surface attack-surface-management bug-bounty
Jun 01, 2025
Gf-Patterns

Gf-Patterns

by 1ndianl33t

GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep

security tool
Jun 01, 2025
snallygaster

snallygaster

by hannob

Tool to scan for secret files on HTTP servers

security tool
Jun 01, 2025
ChopChop

ChopChop

by michelin

ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.

devsecops scanning security
Jun 01, 2025
ParamSpider

ParamSpider

by devanshbatham

Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

bugbounty content-discovery fuzzing
Jun 01, 2025
bbot

bbot

by blacklanternsecurity

The recursive internet scanner for hackers. 🧡

asm attack-surface-management automation
May 31, 2025