Bug-Bounty-Starter-KIT

The power of a Bug Hunters

Definition of Bug Bounty

A bug bounty program is a deal offered by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities.

Recon Tools

1. https://github.com/aboul3la/Sublist3r
2. https://github.com/EdOverflow/can-i-take-over-xyz
3. http://www.visualsitemapper.com/
4. https://www.wappalyzer.com/download
5. https://bitbucket.org/LaNMaSteR53/recon-ng
6. https://github.com/michenriksen/aquatone
7. https://github.com/rbsec/dnscan

---

Google Dorks

• site:target.com -www
• site:target.com intitle:”test” -support
• site:target.com ext:php | ext:html
• site:subdomain.target.com
• site:target.com inurl:auth
• site:target.com inurl:dev

---

Fuzzing

• https://github.com/danielmiessler/SecLists

---

Directory bruteforce

• https://github.com/maurosoria/dirsearch

---

Finding hidden GET & POST parameters

• https://github.com/UltimateHackers/Arjun

---

This python script is really cool and tries to extract URLs endpoints stored in JS scripts. It works well and has helped me many times!

• https://github.com/jobertabma/relative-url-extractor

---