Essential Free Tools for Bug Bounty - বাগ বাউন্টির প্রয়োজনীয় ফ্রি টুলস

Essential Free Tools for Bug Bounty - বাগ বাউন্টির প্রয়োজনীয় ফ্রি টুলস

Essential Free Tools for Bug Bounty - বাগ বাউন্টির প্রয়োজনীয় ফ্রি টুলস

১। DNS Scan: https://github.com/rbsec/dnscan

২। Knock Subdomain Scan: https://github.com/guelfoweb/knock

৩। Sublist3r: https://github.com/aboul3la/Sublist3r

৪। A high-performance DNS stub resolver: https://github.com/blechschmidt/massdns

৫। nmap: https://nmap.org/

৬। Eye Witness: https://github.com/RedSiege/EyeWitness

৭। DirBuster: https://sourceforge.net/projects/dirbuster/

৮। dirsearch - Web path discovery: https://github.com/maurosoria/dirsearch

৯। Gitrob: Putting the Open Source in OSINT: https://github.com/michenriksen/gitrob

১০। git-secrets: https://github.com/awslabs/git-secrets

১১। Sandcastle: https://github.com/EWSoftware/SHFB

১২। bucket_finder: https://digi.ninja/projects/bucket_finder.php

১৩। GoogD0rker is a tool for firing off google dorks against a target domain: https://github.com/ZephrFish/GoogD0rker/

১৪। Wayback Machine: https://web.archive.org/

১৫। waybackurls: https://gist.github.com/mhmdiaa/adf6bff70142e5091792841d4b372050

১৬। Attack Surface Management Platform: https://github.com/1N3/Sn1per/

১৭। XRay: https://github.com/evilsocket/xray

১৮। Web application fuzzer: https://github.com/xmendez/wfuzz/

১৯। Patator: https://github.com/lanjelot/patator

২০। datasploit: https://github.com/DataSploit/datasploit

২১। thc-hydra: https://github.com/vanhauser-thc/thc-hydra

২২। changeme: https://github.com/ztgrace/changeme

২৩। Mobile Security Framework (MobSF): https://github.com/MobSF/Mobile-Security-Framework-MobSF/

২৪। Apktool is a tool for reverse engineering third-party: https://github.com/iBotPeaches/Apktool

২৫। dex2jar: https://sourceforge.net/projects/dex2jar/

২৬। sqlmap: https://sqlmap.org/

২৭। XXE/XML exploits: https://github.com/BuffaloWill/oxml_xxe/

২৮। XXEinjector automates retrieving files using direct and out of band methods: https://github.com/enjoiz/XXEinjector

২৯। A toolkit for testing, tweaking and cracking JSON Web Tokens: https://github.com/ticarpi/jwt_tool

৩০। A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.: https://github.com/jobertabma/ground-control

৩১। Server-side request forgery detector: https://github.com/JacobReynolds/ssrfDetector

৩২। Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner: https://github.com/D35m0nd142/LFISuite

৩৩। GitTools: https://github.com/internetwache/GitTools

৩৪। Rip web accessible (distributed) version control systems: SVN, GIT, Mercurial/hg, ৩৫। bzr:https://github.com/kost/dvcs-ripper

৩৬। A tool that can help detect and takeover subdomains with dead DNS records: https://github.com/anshumanbh/tko-subs

৩৭। HostileSubBruteforcer: https://github.com/nahamsec/HostileSubBruteforcer

৩৮। tests for race conditions in web applications:https://github.com/TheHackerDev/race-the-web

৩৯। ysoserial: https://github.com/GoSecure/ysoserial

৪০। PHPGGC: https://github.com/ambionics/phpggc

৪১। CORStest: https://github.com/RUB-NDS/CORStest

৪২। retire.js: https://github.com/RetireJS/retire.js

৪৩। getsploit: https://github.com/vulnersCom/getsploit

৪৪। Find sploit: https://github.com/1N3/Findsploit

৪৫। BFAC: https://github.com/mazen160/bfac

৪৬। WPScan: https://github.com/wpscanteam/wpscan

৪৭। CMSmap is a python open source CMS scanner: https://github.com/Dionach/CMSmap

৪৮। OWASP Amass: https://github.com/owasp-amass/amass

৪৯। Extra Tools http://projectdiscovery.io