├── README.md
└── Tools.md

/README.md:
--------------------------------------------------------------------------------
# BugBountyTools
Tools I use for Bug Bounty Hunting

--------------------------------------------------------------------------------
/Tools.md:
--------------------------------------------------------------------------------
• Burp Suite - intercepting proxy
• Firefox or Chrome
  -> FoxyProxy, cookie manager and BuiltWith
• OWASP ZAP - alternative to Burp

• Wfuzz - fuzzer and discovery tool; allows the discovery of web content by using wordlists
• DIRB/DirBuster - brute-force directory and file names on web/application servers
• Knockpy - subdomain enumeration using wordlists
• Sublist3r - subdomain enumeration with the use of search engines or OSINT
• SecLists - great lists for assessments: usernames, passwords, URLs, fuzzing strings, common directories/files/subdomains

• Scrapy - web crawling framework that allows you to create your own web crawlers
• CyberChef - encoding & decoding
• Google dorks
• What CMS - discover the CMS being used
• sqlmap
• Striker - Striker is an offensive information and vulnerability scanner. Mainly DNS

CMS - WPScan, JoomScan, etc.

For exploits we use Exploit-DB

--------------------------------------------------------------------------------