cyberstars
cyberstars / purpose / bug-bounty

Tools for bug bounty

Independent disclosure programs.

50 tools indexed

RustScan

Modern port scanner in Rust.

ScanReconNetworks
RustGPL-3.0

S3Scanner

Find misconfigured object storage buckets.

ScanReconCloud
GoMIT

SSRFmap

Automatic SSRF fuzzer.

ExploitScanWeb apps
PythonGPL-3.0

Schemathesis

API fuzzer from OpenAPI/GraphQL.

FuzzScanWeb apps
PythonMIT

SecLists

The security tester's wordlist collection.

ReconAutomateWeb appsNetworks
PHPMIT

SpiderFoot

Automated OSINT collection.

ReconAutomateWeb appsNetworks
PythonMIT

Subfinder

Passive subdomain discovery.

ReconWeb appsNetworks
GoMIT

Turbo Intruder

High-volume Burp HTTP fuzzer.

FuzzExploitWeb apps
JavaApache-2.0

WPScan

WordPress vulnerability scanner.

ScanWeb apps
RubyCustom

Web Check

All-in-one OSINT for any website.

ReconAnalyzeWeb apps
TypeScriptMIT

WhatWeb

Next-generation web tech fingerprinter.

ReconScanWeb apps
RubyGPL-2.0

XSStrike

Advanced XSS detection suite.

ScanFuzzWeb apps
PythonMIT

Yakit

Cyber-security all-in-one platform.

InterceptScanWeb appsNetworks
TypeScriptAGPL-3.0

apk-mitm

Auto-prepare APKs for HTTPS inspection.

AnalyzeInterceptMobile apps
TypeScriptMIT

feroxbuster

Fast recursive content discovery in Rust.

FuzzReconWeb apps
RustMIT

ffuf

Fast web fuzzer written in Go.

FuzzScanWeb apps
GoMIT

github-dorks

Find leaked secrets via GitHub search.

ReconSource codeWeb apps
PythonMIT

httpx

Fast HTTP toolkit.

ReconScanWeb apps
GoMIT

jwt_tool

Test and exploit JWT vulnerabilities.

ExploitAnalyzeWeb apps
PythonCC-BY-SA-3.0

mitmproxy

Interactive HTTPS proxy.

InterceptAnalyzeWeb appsNetworks
PythonMIT

promptfoo

Red-team prompts, agents and RAGs.

ScanFuzzWeb appsSource code
TypeScriptMIT

sqlmap

Automatic SQL injection and database takeover.

ExploitScanWeb apps
PythonGPL-2.0

theHarvester

E-mail and subdomain harvester.

ReconWeb appsNetworks
PythonGPL-2.0

wafw00f

WAF fingerprinting.

ReconScanWeb apps
PythonBSD-3-Clause