A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

Making Favicon.ico based Recon Great again !

RouterOS Security Research Tooling and Proof of Concepts

BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.

ANTLR v4 grammar-based test generator

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

Here I gather all the resources about hacking that I find interesting

Tools for BugHunting

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

Fuzzinator Random Testing Framework

Hunt down the secrets from the WebArchives for Fun and Profit

A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF

Docker Remote API Scanner and Exploit

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.

R3C0Nizer is the first ever CLI based menu-driven web application B-Tier recon framework.

Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...

Hacking tools

Weaponizing Live CT logs for automated monitoring of assets

A utility for detecting webpage inputs and conducting XSS scans.

Cyber Security Notes, Methodology, Resources and Tips