What tools kit need to pentest — bugbounty

Summary

Hi guys, Today i will share something tools kit that i used to penetration test and hunter the bug bounty. I hope that can be help someone to begin this “game” quickly.

Tools kit

Payload Fuzzing — Burp Intruder

Has many payload for burp intruder from third party provider. I will updated frequently if i find new source useful.

Payloads All The Things

• https://github.com/swisskyrepo/PayloadsAllTheThings

Wfuzz — The Web Fuzzer

• https://github.com/xmendez/wfuzz

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

• https://github.com/fuzzdb-project/fuzzdb
• https://github.com/danielmiessler/SecLists

Scanner + Exploit Vuln

WordPress Vulnerability Scanner

• https://github.com/wpscanteam/wpscan

OWASP Joomla Vulnerability Scanner

• https://github.com/rezasp/joomscan

Advanced XSS Detection Suite

• https://github.com/s0md3v/XSStrike

Detecting and exploiting SQL injection

• https://github.com/sqlmapproject/sqlmap

Firewall detection tool

• https://github.com/Ekultek/WhatWaf

Download

Download all tools kit at : https://github.com/noobpk/tools-pentest-bugbounty