DEV Community

Cover image for These Two Tools Helped Me Earn $40K in Bounties
Awa
Awa

Posted on

These Two Tools Helped Me Earn $40K in Bounties

Hey Dev.to! 👋

I wanted to share two tools I built that helped me earn around $40K in bounties over the past two months. Both are open-source, easy to use, and work really well together (though they can be used independently too).

Tool #1: Wayurls

This tool is inspired by TomNomNom’s waybackurls, but I’ve made it faster and more reliable. It’s written in Go, and installation is as simple as:

go install github.com/alwalxed/wayurls@latest  
Enter fullscreen mode Exit fullscreen mode

You can find the repo here: https://github.com/alwalxed/wayurls.

Tool #2: Juicyurls

After gathering URLs with wayurls, I use juicyurls to filter them and find the interesting ones. It’s also written in Go and works great for narrowing down your targets. To install it, run:

go install github.com/alwalxed/juicyurls@latest  
Enter fullscreen mode Exit fullscreen mode

Here’s the repo for juicyurls: https://github.com/alwalxed/juicyurls.


I usually use these tools in a pipeline, but they can definitely be used on their own depending on your needs.

Feel free to check them out, and if you want to contribute or just want to say thanks, don’t hesitate to reach out.

Happy hunting! I hope these tools are as helpful to you as they’ve been to me! 😊


Tags:

#opensource #golang #bugbounty #infosec #waybackurls #securitytools #vulnerability #cybersecurity #pentesting #ethicalhacking #programming #developer #devtools #hackingtools #automation #open_source_software #github #kali #python #redteam #blueTeam #websecurity #dataanalysis #techtools #code #codetools #programmingtools #bughunting #vulndev #infoseccommunity #softwaredevelopment #coding #bugbountyhunter #cyberattack #cyberdefense #networksecurity #pentesttools #securityresearch #opensourcecommunity #techgeek #webscraping #hacker #programminglife #devops #hackthebox #osint #vulnerabilityassessment #securitytesting #programmingprojects #openprogramming #securityresearcher #blackhat #cyberthreats #hackertools

Sentry image

Hands-on debugging session: instrument, monitor, and fix

Join Lazar for a hands-on session where you’ll build it, break it, debug it, and fix it. You’ll set up Sentry, track errors, use Session Replay and Tracing, and leverage some good ol’ AI to find and fix issues fast.

RSVP here →

Top comments (0)

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

AWS GenAI LIVE!

GenAI LIVE! is a dynamic live-streamed show exploring how AWS and our partners are helping organizations unlock real value with generative AI.

Tune in to the full event

DEV is partnering to bring live events to the community. Join us or dismiss this billboard if you're not interested. ❤️