Bug Bounty Security Tools

Browse Cybersecurity Tools in this category

24 InfoSec Tools

knock

knock

by guelfoweb

Knock Subdomain Scan

security tool
May 31, 2025
shosubgo

shosubgo

by incogbyte

Small tool to Grab subdomains using Shodan api.

golang grab-subdomains shodan
May 31, 2025
cero

cero

by glebarez

Scrape domain names from SSL certificates of arbitrary hosts

domain-names recon scrape
May 31, 2025
web_app_recon_ci-cd_public

web_app_recon_ci-cd_public

by onurcangnc

This project delivers a fully automated **Recon-as-Code** workflow for passive reconnaissance for web application environments. It combines GitHub Actions-based CI/CD automation, powerful recon tools, and a Flask-powered dashboard for visualized and authenticated access to the findings.

security
May 31, 2025
S3BucketMisconf

S3BucketMisconf

by Atharv834

S3BucketMisconf is an advanced tool designed to scan AWS S3 buckets for misconfigurations. It identifies publicly accessible buckets, checks permissions, and detects sensitive data leaks. Ideal for bug bounty hunters and pentesters, it automates the recon process and enhances cloud storage security assessment efficiently.

security
May 31, 2025
csprecon

csprecon

by edoardottt

Discover new target domains using Content Security Policy

bounty-hunting bugbounty bugbounty-tool
May 31, 2025
favirecon

favirecon

by edoardottt

Use favicons to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.

bug-bounty bugbounty favicon
May 31, 2025
4-ZERO-3

4-ZERO-3

by Dheerajmadhukar

403/401 Bypass Methods + Bash Automation + Your Support ;)

security tool
May 31, 2025
back-me-up

back-me-up

by Dheerajmadhukar

This tool will check for Sensitive Data Leakage with some useful patterns/RegEx. The patterns are mostly targeted on waybackdata and filter everything accordingly.

security tool
May 31, 2025
recox

recox

by samhaxr

Master script for web reconnaissance

security tool
May 31, 2025
socialhunter

socialhunter

by utkusen

crawls the website and finds broken social media links that can be hijacked

bug-bounty bugbounty osint
May 31, 2025
hades

hades

by joelindra

Automate your hacking

security
May 31, 2025
jxscout

jxscout

by francisconeves97

jxscout superpowers JavaScript analysis for security researchers

security tool
May 28, 2025
aem-hacker

aem-hacker

by 0ang3el

An MCP server implementation

security tool
May 27, 2025
SubEnum

SubEnum

by bing0o

bash script for Subdomain Enumeration

security tool
May 27, 2025
uro

uro

by s0md3v

declutters url lists for crawling/pentesting

security tool
May 26, 2025
SecretFinder

SecretFinder

by m4ll0k

SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files

security tool
May 26, 2025
LinkFinder

LinkFinder

by GerbenJavado

A python script that finds endpoints in JavaScript files

endpoints infosec
May 26, 2025
dnsx

dnsx

by projectdiscovery

dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.

cli dns-bruteforcer dns-client
May 26, 2025
dnsgen

dnsgen

by AlephNullSK

DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelligent domain name variations to assist in subdomain discovery and security assessments.

domains osint recon
May 26, 2025
lazyrecon

lazyrecon

by nahamsec

This script is intended to automate your reconnaissance process in an organized fashion

security tool
May 26, 2025
assetfinder

assetfinder

by tomnomnom

Find domains and subdomains related to a given domain

security tool
May 26, 2025
Sublist3r

Sublist3r

by aboul3la

Fast subdomains enumeration tool for penetration testers

security tool
May 26, 2025
dalfox

dalfox

by hahwul

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

bugbounty bugbounty-tool cicd-pipeline
May 26, 2025