A powerful JavaScript monitoring tool for bug bounty hunters. Track changes in JavaScript files across websites, detect new attack surfaces, and stay ahead of security vulnerabilities.

Go 87 14 Updated Apr 19, 2025

greshake / llm-security

New ways of breaking app-integrated LLMs

Jupyter Notebook 2,036 141 Updated Jul 17, 2025

midoxnet / mapperplus

MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.

JavaScript 286 29 Updated Oct 5, 2024

BishopFox / jsluice

Extract URLs, paths, secrets, and other interesting bits from JavaScript

Go 1,711 132 Updated May 22, 2024

xnl-h4ck3r / xnLinkFinder

A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given target

Python 1,460 181 Updated Jan 8, 2026

streaak / keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

5,994 1,189 Updated Aug 14, 2024

dirtycoder0124 / HTML-Search-Engine---Chrome-extension

A Chrome extension that automatically scans web pages and internal links for user-defined keywords, storing results and sending notifications or alerts.

JavaScript 25 4 Updated Sep 28, 2025

dwisiswant0 / apkleaks

Scanning APK file for URIs, endpoints & secrets.

Python 5,773 560 Updated Aug 20, 2025

iamthefrogy / frogy2.0

Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit

HTML 323 72 Updated Oct 25, 2025

microsoft / AI-Red-Teaming-Playground-Labs

AI Red Teaming playground labs to run AI Red Teaming trainings including infrastructure.

TypeScript 1,776 263 Updated Jan 9, 2026

TakSec / google-dorks-bug-bounty

A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting

1,716 243 Updated Sep 29, 2025

QwenLM / qwen-code

An open-source AI agent that lives in your terminal.

TypeScript 17,210 1,490 Updated Jan 9, 2026

Hannibal046 / Awesome-LLM

Awesome-LLM: a curated list of Large Language Model

25,976 2,249 Updated Jul 31, 2025

RenwaX23 / XSS-Payloads

List of XSS Vectors/Payloads

1,354 269 Updated Jan 2, 2025

GreHack / CTF-challs

Here are the challenges (including sources) of the GreHack CTF.

C 107 28 Updated May 18, 2024

aliasrobotics / cai

Cybersecurity AI (CAI), the framework for AI Security

Python 6,660 918 Updated Dec 23, 2025

onhexgroup / Conferences

Conference presentation slides

2,347 414 Updated Nov 15, 2025

yassinmohamed1111 / superxss

Just A list Of Some Multilingual XSS Payloads and other weird ones i made

122 13 Updated Sep 28, 2025

aszx87410 / beyond-xss

Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security

JavaScript 170 37 Updated Oct 27, 2025

KingOfBugbounty / KingOfBugBountyTips

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

Go 5,047 920 Updated Jan 1, 2026