HackTheBox

HackTheBox — Writeups, Tooling & Exploitation Pipelines A wor...

bugbounty-toolkit

🎯 Bug Bounty Recon Toolkit Automated recon toolkit for author...

Hunting-Bugs

2026 Practical Bug Bounty Guide Built on real-world experie...

PHANTOM

PHANTOM Autonomous Penetration Testing Framework Recon -...

Malicious code in crypt0co-walet-poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5510d98b1e380f6c130bf9b4428321d711ae88d8a4fcb66368a2f6fb4e7ff58 On require/import, index.js lines 6-12 serializes the full process.env to /tmp/pocimpact.json and runs whoami and ip addr via execSync to fingerprint...

zparty

Zparty Automated web penetration testing framework with loc...

BUG-BOUNTY-METHODOLOGY

🕷️ Bug Bounty & Pentest Web — Metodologia Completa "Script...

hunt-skill

/hunt — Bug Bounty Hunt Skill for Claude Code A complete bug...

Lyussfyuring002

lyussfyuring002 web exploitation + OSINT toolkit for people...

hunter-max-oss

hunter-max A bug-bounty research framework. Two pieces: 1...

IMF-1-walkthrough

IMF: 1 — Boot2Root Walkthrough Platform: VulnHub Diff...

vulnscanx_v2

⚡ VulnScanX Advanced Vulnerability Scanning & Penetration...

WebVuln-Chain-Framework

WebVuln Chain Framework Modular web vulnerability scanner w...

tachyon

Tachyon Tachyon is a Go-based command-line web vulnerability...

cruxss-bb-agent

CRUXSS Bug Bounty Agent A semi-autonomous bug bounty hunting...

vulnswarm

VulnSwarm AI-powered vulnerability discovery using multi-agen...

infosec-notebook

infosec-notebook Personal cybersecurity notes and references...

METATRON AI Penetration Testing

Metatron is a CLI-based AI penetration testing assistant that runs entirely on your local machine - no cloud, no API keys, no subscriptions. You give it a target IP or domain. It runs real recon tools nmap, whois, whatweb, curl, dig, nikto, feeds all results to a locally running AI model, and the...

CVE-2026-26416

An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests...

CVE-2026-26418

Missing authentication and authorization in the web API of Tata Consultancy Services Cognix Recon Client v3.0 allows remote attackers to access application functionality without restriction via the network...