A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact directly with the target but instead gathers data that is already publicly available.

Bug Bounty ~ Awesomes | Books | Cheatsheets | Checklists | Tools | Wordlists | More

A command-line utility designed to discover subdomains for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact directly with the target but instead gathers data that is already publicly available.

A command-line utility designed to recursively spider webpages for URLs. It works by actively traversing websites - following links embedded in webpages, parsing resources like sitemaps and robots.txt files, and even processing local files - to uncover every URL.

A fast subdomain takeover tool

This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.

A Bug Bounty Platform that allows hunters to issue commands over a geo-distributed cluster. The ideal user is someone who is attempting to scan multiple bug bounty programs simultaneously, on a recurring basis.

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Bug Bounty in Cybersecurity.

Automated way to extract juicy info with subfinder and waybackurls

Personal Access Token (PAT) recon tool for bug bounty hunters, pentesters & red teams

COLI (Command Orchestration & Logic Interface) – A visual orchestration layer for EWE, built for bug bounty automation. Create and run CLI workflows visually, manage scopes, monitor scans in real-time, and chain tools like subfinder → httpx → nuclei in a single streamlined interface.

Bug bounty domain manager with validation, exports & Redis storage ✨

Complete collection of bug bounty reports from Hackerone.

The nightmare of WAFs & CDNs, Use multi tricks for bypass ratelimit of WAFs & CDNs & Webservers.

Discover related domains using Whois data from whoxy.com

r3conwhale aims to develop a multifunctional recon chain for web applications, intelligently interpreting collected data, and optimizing performance and resource consumption through a concurrency-based approach.

Discover hidden information on the web with "Elite Google Dorks Search by Biscuit." This collection offers smart and improved Google search queries to help you find data and vulnerabilities more easily. Perfect for anyone interested in cybersecurity, it makes searching more effective and efficient.

Powerful Bash-based subdomain enumeration tool for recon, bug bounty, and red teaming — integrates Subfinder, Amass, httpx & more.

A list of resources for those interested in getting started in bug bounties

Simply output a random user-agent. Use it with tools that don't have a --random-agent flag. Like `random-agent` or $(random-agent)