Bug Hunting

General Use Applications

Browser Extensions

Lazy Fuzzer

  • Simple Chrome extension to assist in testing for things like XSS, etc.

xssHunterExtension

  • Chrome extension for XSS Hunter Payloads.

CLI

Bugcrowd api client

  • A Python API client for Bugcrowd.

Dash

Hackerone Public Reports

  • Finds all public bug reports on Hackerone.

JSParser

  • A Python 2.7 script using Tornado and JSBeautifier to parse relative URLs from JavaScript files.

Linkerator

  • Python script to scrape specified web page(s) for external links and verify whether each one is an active resource.

LinkFinder

  • A Python script that finds endpoints in JavaScript files.

subdomainator

  • Stay on top of new subdomains! Bug bounty hunters can use this tool to receive Pushbullet notifications each time there is a new target subdomain.

Sully

  • A fuzzing engine and fuzz testing framework consisting of multiple extensible components.

Web Apps

BountyDash

  • A great way to track your bug hunting achievements over the long term.

Debugging

gdbgui

  • A modern, browser-based frontend to gdb (GNU debugger). Add breakpoints, view stack traces, and more in C, C++, Go, and Rust. Simply run gdbgui from the terminal and a new tab will open in your browser.

Miscellaneous

Pixd

  • A tool for visualizing binary data using a color palette.

python-idb

  • Pure Python parser and analyzer for IDA Pro database files (.idb).

Reverse Engineering

binexport

  • An IDA Pro plugin for exporting disassemblies into BinNavi databases and to Protocol Buffers.

bingrep

  • Grep through binaries with colorized results.

GR Keyfob

  • Transceiver for Hella wireless car key fobs.

IDA Python Embedded Toolkit

  • IDAPython scripts for automating analysis of firmware of embedded devices.

IDA Skins

  • Prevent blindness from IDA Pro's default skin.

Lighthouse

  • Code Coverage Explorer for IDA Pro.

MD380 USB Tools

  • Tools for working with codeplugs and firmware of the Tytera MD380. The wiki has a ton of documentation as well.

PBTK

  • A toolset for reverse engineering and fuzzing Protobuf-based apps.

PyREBox

  • A Python scriptable Reverse Engineering sandbox made by Cisco Talos.

r4ge

  • A radare2 plugin to perform symbolic execution with a simple macro call. Internally it uses angr as its execution engine. It can be used with or without a debugger, in dynamic and static analysis modes.

radare2

  • Unix-like reverse engineering framework and commandline tools.

Untwister

  • Seed recovery tool for PRNGs.

Theory, Articles & Blogs

AMA with @jhaddix

  • Ask Me Anything with the current top bug hunter on Bugcrowd.

Awesome Bug Bounty

  • A comprehensive curated list of bug bounty programs and write-ups from bug bounty hunters.

Bug Bounty in Five Years

Bug Bounty Reference

  • A list of bug bounty write-ups categorized by the nature of the bug, inspired by Awesome Bug Bounty.

Bugcrowd

The Bug Hunters Methodology

Bughunter University (Google)

HackerOne

How to Become a Bug Hunter

  • Great little write-up by Bugcrowd.

How To Fail At Bughunting

Improving Your Reports

High Frequency Bug Hunting

How to become a successful Bug Bounty Hunter

Radare2 Debugger Complete Cheat Sheet

Researcher Resources - How to become a Bug Bounty Hunter

Reverse Engineering for Beginners

Reverse Engineering Malicious Code Tips

Scrutiny on the Bug Bounty (Slides)

Vulners - HackerOne Blog

TGaktikselBugHunting