Complete Bug Bounty tool List
-
Sublist3r https://github.com/aboul3la/Sublist3r
-
nmap https://nmap.org
-
EyeWitness https://github.com/ChrisTruncer/EyeWitness
-
dirsearch https://github.com/maurosoria/dirsearch
-
git-secrets https://github.com/awslabs/git-secrets
-
sandcastle https://github.com/yasinS/sandcastle
-
bucket_finder https://digi.ninja/projects/bucket_finder.php
-
GoogD0rker https://github.com/ZephrFish/GoogD0rker/
-
Wayback Machine https://web.archive.org
-
waybackurls https://gist.github.com/mhmdiaa/adf6bff70142e5091792841d4b372050
-
datasploit https://github.com/DataSploit/datasploit
-
changeme https://github.com/ztgrace/changeme
-
MobSF https://github.com/MobSF/Mobile-Security-Framework-MobSF/
-
sqlmap http://sqlmap.org/
-
XXE Injector https://github.com/enjoiz/XXEinjector
-
The JSON Web Token Toolkit https://github.com/ticarpi/jwt_tool
-
ground-control https://github.com/jobertabma/ground-control
-
ssrfDetector https://github.com/JacobReynolds/ssrfDetector
-
dvcs-ripper https://github.com/kost/dvcs-ripper
-
HostileSubBruteforcer https://github.com/nahamsec/HostileSubBruteforcer
-
Race the Web https://github.com/insp3ctre/race-the-web
-
ysoserial https://github.com/GoSecure/ysoserial
-
CORStest https://github.com/RUB-NDS/CORStest
-
retire-js https://github.com/RetireJS/retire.js
-
getsploit https://github.com/vulnersCom/getsploit
-
Findsploit https://github.com/1N3/Findsploit
-
WPScan https://wpscan.org/
ENJOY 