Ben Sadeghipour

Elite
@nahamsec

Resources-for-Beginner-Bug-Bounty-Hunters. A list of resources for those interested in getting started in bug bounties

12k

lazyrecon. This script is intended to automate your reconnaissance process in an organized fashion

2k

bbht. A script to set up a quick Ubuntu 17.10 x64 box with tools I use.

1.2k

JSParser. Python

842

lazys3. Ruby

632

nahamsec.training. The labs for my Udemy course (https://www.udemy.com/course/intro-to-bug-bounty-by-nahamsec)

485

HostileSubBruteforcer. Ruby

481

recon_profile. Shell

436

crtndstry. Yet another subdomain finder

213

SundayStreams. Data from my Sunday streams

74

SecLists. SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

55

recondata. use at your own risk

39

burpy. Portable and flexible web application security assessment tool.It parses Burp Suite log and performs various tests depending on the module provided and finally generate a HTML report.

37

juice-shop. OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

23

intrigue-core. Intelligence gathering framework

16

hacker101. Source code for Hacker101.com - a free online web and mobile security class.

15

todo-goof. Java

9

wordpress-test. PHP

8

libricons. An icon font for everyone.

7

apexparser. Go

6

test. test

5

nahamsec.github.io. HTML

5

HTB-Test. test

4

nahamsec-site-preview. HTML

1
24
Apply