Top 5 tools used in bug bounty.

top tools to used for bug bounty

Top tools used in bug bounty:
2. the Harvester


Nmap uses raw IP packets to determine −
• what hosts are available on the network,
• what services those hosts are offering,
what operating systems they are running on,
• what type of firewalls are in use, and other such characteristics?

Usage of Nmap is:
nmap [Scan Type(s)] [Options] {target specification}
Scan types include:

nmap usage

Target specification:

1.Everything on the Nmap command-line that isn’t an option (or option argument) is treated as a target host specification. The simplest case is to specify a target IP address or hostname for scanning.

2.When a hostname is given as a target, it is resolved via the Domain Name System (DNS) to determine the IP address to scan. If the name resolves to more than one IP address, only the first one will be scanned. To make Nmap scan all the resolved addresses instead of only the first one, use the — resolve-all option.

# Target specifications be like: nmap –sS(WHICH ARE OPTIONS) {target specifications be like) ipaddress or website name

Example: nmap 10.0.0,1,3–7 This command will scan the ipadress and give the open ports and much more info about target..

2.the Harvester:

Usage of theHarvester: theHarvester

Scanning using theHarvester:

To get the following result
Command explanation:
-d- used for specify the target you want to scan for subdomains
-b-used for the source you want search the target


Burp suite is most useful tool in bug bounty as many bug bounty hunters use this tool for fuzzing,scanning,spidering and for more process in bug bounty hunting.

In addition to the proxy/spider tools just described another range of tools that are often useful during application mapping are the various browser extensions that can perform HTTP and HTML analysis from within the browser interface. For example, the IEWatch tool which runs within Microsoft Internet Explorer, monitors all details of requests and responses, including headers, request parameters, and cookies. It analyzes every application page to display links, scripts, forms, and thick-client components. Of course, all this information can be viewed in your intercepting proxy but having second record of useful mapping data can only help you better understand the application and enumerate all its functionality. for more information about tools of this kind.


With Metasploit, you can perform the following operations

•Conduct basic penetration tests on small networks

• Run spot checks on the exploitability of vulnerabilities

• Discover the network or import scan data

  • Browse exploit modules and run individual exploits on host HARDWARE

2.Graphics card(for faster process)
3.More clock speed for faster results.
Commands to use metaspoilt:
msfconsole-In Linux it will starts Metasploit by this command
In msfconsole use search keyword to search exploits for your target.

Speciality of Metasploit:
It contains upto:
metasploit v6.0.16-dev
2074 exploits — 1124 auxiliary — 352 post
592 payloads — 45 encoders — 10 nops
7 evasion


Waaplyzer provides the critical infos like wordpress version and their backend in mysql and javascript libraries and much more information what we need this infos will help you find this bug through exploiting the websites using metaspoilt exploits.

Thank you hope you like it!!!

We Provide a great Cybersecurity solutions and business analytics solutions.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store