# Awesome Bug Bounty Tools [![Awesome](https://awesome.re/badge.svg)](https://awesome.re)

> Curated list of various bug bounty tools

## Contents

- [Recon](#Recon)
    - [Subdomains](#Subdomains)
    - [Ports](#Ports)
    - [Screenshots](#Screenshots)
    - [Technologies](#Technologies)
    - [Files/directories](#Files/directories)
    - [Secrets](#Secrets)
    - [Buckets](#Buckets)
    - [Git](#Git)

- [Exploitation](#Exploitation)
    - [CMS](#)
    - [Command Injection](#)
    - [CORS Misconfiguration](#)
    - [CRLF Injection](#)
    - [CSRF Injection](#)
    - [Directory Traversal](#)
    - [File Inclusion](#)
    - [GraphQL Injection](#)
    - [HTTP Parameter Pollution](#)
    - [Insecure Deserialization](#)
    - [Insecure Direct Object References](#)
    - [JSON Web Token](#JSON Web Token)
    - [Open Redirect](#)
    - [Race Condition](#)
    - [Request Smuggling](#)
    - [Server Side Request Forgery](#)
    - [SQL Injection](#)
    - [Subdomain takeover](#)
    - [XSS Injection](#)
    - [XXE Injection](#)


---

## Exploitation

Lorem ipsum dolor sit amet

    ### JSON Web Token

    Lorem ipsum dolor sit amet

    - [bar](#bar)


## Contribute

Contributions welcome! Read the [contribution guidelines](contributing.md) first.


## License

[![CC0](https://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](https://creativecommons.org/publicdomain/zero/1.0)

To the extent possible under law, vavkamil has waived all copyright and
related or neighboring rights to this work.