Forem

Cover image for These Two Tools Helped Me Earn $40K in Bounties
Awa
Awa

Posted on

These Two Tools Helped Me Earn $40K in Bounties

Hey Dev.to! 👋

I wanted to share two tools I built that helped me earn around $40K in bounties over the past two months. Both are open-source, easy to use, and work really well together (though they can be used independently too).

Tool #1: Wayurls

This tool is inspired by TomNomNom’s waybackurls, but I’ve made it faster and more reliable. It’s written in Go, and installation is as simple as:

go install github.com/alwalxed/wayurls@latest  
Enter fullscreen mode Exit fullscreen mode

You can find the repo here: https://github.com/alwalxed/wayurls.

Tool #2: Juicyurls

After gathering URLs with wayurls, I use juicyurls to filter them and find the interesting ones. It’s also written in Go and works great for narrowing down your targets. To install it, run:

go install github.com/alwalxed/juicyurls@latest  
Enter fullscreen mode Exit fullscreen mode

Here’s the repo for juicyurls: https://github.com/alwalxed/juicyurls.


I usually use these tools in a pipeline, but they can definitely be used on their own depending on your needs.

Feel free to check them out, and if you want to contribute or just want to say thanks, don’t hesitate to reach out.

Happy hunting! I hope these tools are as helpful to you as they’ve been to me! 😊


Tags:

#opensource #golang #bugbounty #infosec #waybackurls #securitytools #vulnerability #cybersecurity #pentesting #ethicalhacking #programming #developer #devtools #hackingtools #automation #open_source_software #github #kali #python #redteam #blueTeam #websecurity #dataanalysis #techtools #code #codetools #programmingtools #bughunting #vulndev #infoseccommunity #softwaredevelopment #coding #bugbountyhunter #cyberattack #cyberdefense #networksecurity #pentesttools #securityresearch #opensourcecommunity #techgeek #webscraping #hacker #programminglife #devops #hackthebox #osint #vulnerabilityassessment #securitytesting #programmingprojects #openprogramming #securityresearcher #blackhat #cyberthreats #hackertools

Image of Timescale

🚀 pgai Vectorizer: SQLAlchemy and LiteLLM Make Vector Search Simple

We built pgai Vectorizer to simplify embedding management for AI applications—without needing a separate database or complex infrastructure. Since launch, developers have created over 3,000 vectorizers on Timescale Cloud, with many more self-hosted.

Read full post →

Top comments (0)

Image of Docusign

🛠️ Bring your solution into Docusign. Reach over 1.6M customers.

Docusign is now extensible. Overcome challenges with disconnected products and inaccessible data by bringing your solutions into Docusign and publishing to 1.6M customers in the App Center.

Learn more

👋 Kindness is contagious

Engage with a sea of insights in this enlightening article, highly esteemed within the encouraging DEV Community. Programmers of every skill level are invited to participate and enrich our shared knowledge.

A simple "thank you" can uplift someone's spirits. Express your appreciation in the comments section!

On DEV, sharing knowledge smooths our journey and strengthens our community bonds. Found this useful? A brief thank you to the author can mean a lot.

Okay