3 Bug Bounty Tools - Part 1 #shorts

HackBar :

HackBar is a security auditing/penetration tool that is a Mozilla Firefox add-on. Bug bounty hunters will find that this tool allows them to test site security, XSS holes and SQL injections.

Some of the advantages of HackBar include:
All HackBar functions work on text that you currently have selected
Hashing of MD5/SHA1/SHA256
Sandbox-like text area
Useful MS SQL Server/MySQL shortcuts

Wfuzz :

Written in Python, Wfuzz is a tool that will help bug bounty hunters bruteforce web applications. Wfuzz is useful for sniffing out resources that are not linked such as directories and scripts, POST and GET parameter-checking for multiple kinds of injections, form parameter checking, fuzzing and other uses.

Features that users will find attractive include:
Default output is in HTML
Capability to check multiple injection points
Bruteforcing for all parameters
Automatic/artificial request time delays
Results can be hidden via word numbers, return code, line numbers and regex.

Wapiti :

Wapiti is a command-line application tool that allows bug bounty hunters to audit the security of websites and web applications. Operationally, Wapiti crawls web applications with black-box scans and looks for points where it can inject code. When Wapiti finds a list of forms, form inputs and URLs, it acts like a fuzzer by injecting payloads to check for script vulnerability.

Some notable features include:
Server-side request forgery
Reflected and permanent XSS injection
ShellShock
Includes a buster module that allows for bruteforcing filenames and directories on a target web server
POST HTTP and GET attack methods are supported
The scan process includes an option to set maximum scan time

That’s all !! Hope you liked the information.
Wait for Part-2 | Share with your Hunter friends in Bug Bounty Community.
Follow & Like For More Such Contents.