ReconAIzer – Enhancing Burp Suite With OpenAI

ReconAIzer is a powerful Jython extension for Burp Suite that leverages OpenAI to help bug bounty hunters optimize their recon process. This extension automates various tasks, making it easier and faster for security researchers to identify and exploit vulnerabilities. Once installed, ReconAIzer adds a contextual menu and a dedicated tab to see the results: Prerequisites …

BugBountyScanner : A Bash Script & Docker Image For Bug Bounty Reconnaissance

BugBountyScanner is a Bash script and Docker image for Bug Bounty reconnaissance, intended for headless use. Low on resources, high on information output. Note: Using the script over a VPN is highly recommended. It’s recommended to run BugBountyScanner from a server (VPS or home server), and not from your terminal. It is programmed to be …

PCWT : A Web Application That Makes It Easy To Run Your Pentest & Bug Bounty Projects

PCWT is a web application that makes it easy to run your pentest and bug bounty projects. The app provides a convenient web interface for working with the various types of files used during a pentest, and automates port scanning and subdomain search. Port Scan: You can scan ports using nmap or masscan. The nmap …

Axiom : A Dynamic Infrastructure Toolkit For Red Teamers & Bug Bounty Hunters

Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty and pentesting. Axiom right now is perfect for teams as small as one person, without costing you much at all to run. And by not much to run at all, I mean, less than 5 bucks a month …

Needle : Instant Access To Your Bug Bounty Submission Dashboard On Various Platforms

Needle is the only Chrome extension you may need for one-click access to your bug submissions across various platforms. No need to create bookmarks, type in the URL bar or fuss with autocomplete problems. Right now the list includes: HackerOne, Bugcrowd, Intigriti, Yes We Hack, and added support as: H1 …

ezXSS : Easy Way For Penetration Testers & Bug Bounty Hunters

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting. Current Features: Some features ezXSS has: easy-to-use dashboard with statistics, payloads, view/share/search reports and more; payload generator; instant email alert on payload; custom JavaScript payload; enable/disable screenshots; prevent double payloads from saving or alerting; block …

Telegram BBBot : Telegram Bug Bounty Bot

Telegram BBBot is a Telegram Bug Bounty Bot. History: This bot is adapted specially for deployment to Heroku. The general purpose of this bot: “Be helpful for the infosec community!” The bot uses https://github.com/maddevsio/bbcrawler for fetching information. It uses the Heroku project https://github.com/heroku/go-getting-started as a template. The bot runs on free accounts on heroku.com and firebase.com. …

What is a Bug Bounty Program?

A bug bounty program, also called a vulnerability rewards program (VRP), is a crowdsourcing initiative that rewards people for finding and reporting software bugs. When developing a site or application, the designers and specialists check the product up, down and sideways, testing every aspect of its functionality. However, they may not be …

Chomp-Scan : A Scripted Pipeline of Tools To Streamline The Bug Bounty/Penetration Test Reconnaissance Phase

Chomp-Scan is a scripted pipeline of tools to simplify the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs. Chomp Scan is a Bash script that chains together the fastest and most effective tools (in my opinion/experience) for doing the long and sometimes tedious process of recon. No more looking for word …