Some tools for Bug Bounty Hunting and How to Use them.

Hello Everyone! I have listed some of the popular & easiest tools for bug hunting. Check them out.


FoxyProxy automates the manual process of editing Firefox’s Connection Settings dialog. It switches internet connections across multiple proxy servers.


It provides access to web content using wordlists. Wfuzz comes pre-installed with kali linux. Just run the following command to run it.

# wfuzz


Knockpy is widely used for subdomain enumeration. This tool can be found on this website :

Usage :

# git clone
# cd knock
# nano knockpy/config.json
Set your virustotal API_KEY# python install# knockpy [-h] [-v] [-w WORDLIST] [-r] [-c] [-j] domain

5. Sublist3r

It enumerates the subdomains using Open Source Intelligence with the help of various search engines. You can read more about this tool —

Usage :

# git clone
# pip install -r requirements.txt
# apt-get install python-requests python-dnspython python-argparse
# python -h

6. Striker

A popular information & vulnerability scanner tool.


# git clone
# cd Striker
# pip install -r requirements.txt
# python <URL>


A popular tool, used to perform encoding and decoding. Many other features are also included. You can use it online:

8. SecLists

A hacker must be aware of this tool as it consists of multiple types of wordlists for different security assessments.


# git clone
# cd Seclists

There are many more tools but I can not mention all of them, yet I have tried to list the easiest & beginner friendly tools. I hope that you find them useful.

Happy Hacking. 😀 This content is made available for educational & informational purposes only!🌼



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store