Tools and Hacks

List of my toolkit for Bug Bounty Hunting and also some extensions for Firefox.

Best Tools for Bug Bounty

• Reconnaissance:

  • Subdomains: Subfinder

  • IPs and CIDRs:

    • Censys.io

    • Nmap

    • Shodan

  • Google Dorking: dumpdork

  • Crawl:

    • Katana

    • hakrawler

  • HTTP Toolkit:

    • httpx

    • curl

  • Open Ports Discovery: naabu

  • DNS Queries:

    • dnsx

    • dig

  • Parameter Finder:

    • xnLinkfinder

    • Arjun

  • Passive Crawl:

    • gau

    • waybackurls

  • Cloud Buckets Discovery:

    • CloudHunter

    • cloud_enum

• Explotation

  • Manual: Burp Suite

  • Out-of-Band (OOB): Interactsh

  • Automation: Nuclei

  • XSS:

    • XSS Cheatsheet (Burp Extension)

    • Gxss

    • Dalfox

  • Fuzzing: FFUF

  • Directories:

    • Feroxbuster

    • Gobuster

  • SQL Injection:

    • SQLmap

    • Ghauri

  • SSTI: SSTImap

  • WAF Bypass: Hackvertor (Burp Extension)

  • 401/403 Bypass: Bypass Url Parser

  • APIs:

    • Postman

    • mitmweb

    • mitmproxy2swagger

    • postleaks

  • JWT (JSON Web Tokens):

    • JWT Editor (Burp Extension)

    • jwt_tool.py

Firefox Extensions

• Wappalyzer (https://addons.mozilla.org/en-US/firefox/addon/wappalyzer/)

• Cookie-Editor (https://addons.mozilla.org/en-US/firefox/addon/cookie-editor/)

• FoxyProxy Standard (https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/)

• User-Agent Switcher and Manager (https://addons.mozilla.org/en-US/firefox/addon/user-agent-string-switcher/)

• Modify Header Value (https://addons.mozilla.org/en-US/firefox/addon/modify-header-value/)

• Firefox Multi-Account Containers (https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/)

• Shodan (https://addons.mozilla.org/en-US/firefox/addon/shodan-addon/)

---