A list of resources for those interested in getting started in bug bounties
reconFTW is a tool designed to perform automated recon on a target domai...
Top disclosed reports from HackerOne
Automatic SSRF fuzzer and exploitation tool
This tool generates gopher link for exploiting SSRF and gaining RCE in v...
SSRF (Server Side Request Forgery) testing resources
Java web common vulnerabilities and security code which is base on sprin...
Getting started with java code auditing 代码审计入门的小项目
ScanT3r - Module based Bug Bounty Automation Tool ( use Lotus instead gi...
This Lab contain the sample codes which are vulnerable to Server-Side Re...
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆...
Tool to help exploit XXE vulnerabilities
RevSuit is a flexible and powerful reverse connection platform designed ...
An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Redis 4.x/5.x RCE