cyberstars
cyberstars / purpose / bug-bounty

Outils pour bug bounty

Independent disclosure programs.

50 tools indexed

Anamorpher

Image-scaling attacks for multi-modal LLMs.

ExploitFuzzWeb apps
PythonAGPL-3.0

AttackSurfaceMapper

Automated external attack-surface mapping.

ReconAutomateWeb appsNetworks
PythonGPL-3.0

Burp MCP Server

Drive Burp Suite from an LLM.

AutomateScanWeb apps
JavaApache-2.0

CORScanner

Fast CORS misconfig scanner.

ScanWeb apps
PythonGPL-3.0

Chaitin Xray

Web vulnerability scanner with custom POCs.

ScanWeb apps
Custom

Commix

OS command-injection exploitation.

ExploitScanWeb apps
PythonGPL-3.0

Cook

Wordlist framework for hackers.

ReconAutomateWeb appsNetworks
GoMIT

Dalfox

Parameter-aware XSS scanner.

ScanFuzzWeb apps
GoMIT

Dirsearch

Advanced web path scanner.

FuzzReconWeb apps
PythonGPL-2.0

Frida

Dynamic instrumentation for app analysis.

AnalyzeInterceptMobile appsBinaries
CwxWindows

Gobuster

Directory, DNS and vhost brute-forcer.

FuzzReconWeb appsNetworks
GoApache-2.0

Gopherus

Generate gopher:// SSRF payloads.

ExploitWeb apps
PythonMIT

Hetty

Open-source HTTP toolkit for sec research.

InterceptScanWeb apps
GoMIT

HostHunter

OSINT-driven hostname discovery.

ReconWeb appsNetworks
PythonApache-2.0

Katana

Next-generation crawling framework.

ReconScanWeb apps
GoMIT

Naabu

Fast port scanner in Go.

ScanReconNetworks
GoMIT

Nuclei

Template-based vulnerability scanner.

ScanWeb appsNetworks
GoMIT

OWASP Amass

In-depth attack surface mapping.

ReconScanWeb appsNetworks
GoApache-2.0

OWASP ZAP

Open-source web app scanner.

ScanInterceptWeb apps
JavaApache-2.0

Objection

Runtime mobile exploration via Frida.

AnalyzeInterceptMobile apps
PythonGPL-3.0

Param Miner

Burp extension for parameter discovery.

ReconFuzzWeb apps
JavaApache-2.0

Recon-ng

Full-featured reconnaissance framework.

ReconAutomateWeb appsNetworks
PythonGPL-3.0

Retire.js

Detect vulnerable JS libraries.

ScanWeb appsSource code
JavaScriptApache-2.0