Bug Bounty Tools
Before you move on
Before moving on, refer to the information gathering page to try to use leverage Google Dorks, OSINT and information gathering techniques against your target.
Remember to use rate-limiting and user-headers according to the specific program's guideline.
Auto Tools
Notice - This page is Incomplete - more tools will be added
Subdomain & VHost Discovery
https://github.com/edoardottt/scilla
https://pentest-tools.com/information-gathering/find-subdomains-of-domain
https://pentest-tools.com/information-gathering/find-virtual-hosts
Information Gathering
https://github.com/edoardottt/cariddi
https://github.com/j3ssie/metabigor
https://github.com/BullsEye0/dorks-eye
https://pentest-tools.com/information-gathering/google-hacking
Scanning for Vulnerabilities
https://github.com/six2dez/reconftw
https://pentest-tools.com/website-vulnerability-scanning/website-scanner
https://pentest-tools.com/cms-vulnerability-scanning/wordpress-scanner-online-wpscan
Last updated