Some tools for Bug Bounty Hunting and How to Use them.

Hello Everyone! I have listed some of the popular & easiest tools for bug hunting. Check them out.


FoxyProxy automates the manual process of editing Firefox’s Connection Settings dialog. It switches internet connections across multiple proxy servers.


It provides access to web content using wordlists. Wfuzz comes pre-installed with kali linux. Just run the following command to run it.

# wfuzz


Knockpy is widely used for subdomain enumeration. This tool can be found on this website :

Usage :

# git clone
# cd knock
# nano knockpy/config.json
Set your virustotal API_KEY# python install# knockpy [-h] [-v] [-w WORDLIST] [-r] [-c] [-j] domain

5. Sublist3r

It enumerates the subdomains using Open Source Intelligence with the help of various search engines. You can read more about this tool —

Usage :

# git clone
# pip install -r requirements.txt
# apt-get install python-requests python-dnspython python-argparse
# python -h

6. Striker

A popular information & vulnerability scanner tool.


# git clone
# cd Striker
# pip install -r requirements.txt
# python <URL>


A popular tool, used to perform encoding and decoding. Many other features are also included. You can use it online:

8. SecLists

A hacker must be aware of this tool as it consists of multiple types of wordlists for different security assessments.


# git clone
# cd Seclists

There are many more tools but I can not mention all of them, yet I have tried to list the easiest & beginner friendly tools. I hope that you find them useful.

Happy Hacking. 😀 This content is made available for educational & informational purposes only!🌼




Cyber Security Enthusiast

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Run. Hide. Fight.

Write your own ARP SPOOF DETECTOR in Python : Coding For Cyber Security ( Program №5)

New Features in the Chain Desktop Wallet DApp Browser

{UPDATE} 大清风云 - 皇帝养成类游戏 Hack Free Resources Generator

Did you know that your IP address can be exposed when MetaMask and NFTs come together?

Coinbase Pro is live on Mudrex Invest! | Mudrex Blog

ICONFi to Support BAND Staking and Strategically Partners With Band Protocol For Secure Reference…

How to establish good Cyber Hygiene | Free Premium Courses

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


Cyber Security Enthusiast

More from Medium

How to spoof e-mails. (DMARC, SPF, and Phishing)

Eternal Blue — Lab and Process Report

Cross-Site Scripting (XSS) | TryHackMe (THM)

THM — Steel Mountain