Bugbounty
Showing 14 of 14 projects
A fast, passive subdomain enumeration tool for security researchers and penetration testers.
A community-curated collection of payloads, tools, and techniques for bug bounty hunters and security researchers.
A tool to scan APK files for URIs, endpoints, secrets, and sensitive data patterns.
An automated penetration testing tool that detects and exploits command injection vulnerabilities in web applications.
A Burp Suite extension for advanced GraphQL security testing, featuring vulnerability scanning, batch attacks, and schema analysis.
A curated collection of disclosed Android security reports from HackerOne and educational resources for vulnerability research.
A reverse engineering framework for Flutter apps, enabling traffic interception and dynamic analysis via patched Flutter engines.
A security tool that enumerates AWS S3 buckets to discover and download interesting files using wordlist-based scanning.
Automated deployment of red team infrastructure using Docker with a web interface for managing offensive security tools.
A cross-platform static code analysis tool for mobile applications (APK/IPA) to find security vulnerabilities like hardcoded credentials and API keys.
A curated collection of offensive security research, techniques, and tools for attacking CI/CD pipelines and software supply chains.
A utility for bug hunters and organizations to identify Blind Cross-Site Scripting vulnerabilities via customizable payloads and notifications.
A fast scanning and attack toolkit for identifying and exploiting GitHub Actions vulnerabilities at scale.
A tool that extracts all GraphQL endpoints from a given domain using subdomain enumeration, script analysis, and brute force.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.