AI-powered bug bounty hunting from your terminal - recon, 20 vuln classes, autonomous hunting, and report generation. All inside Claude Code.
-
Updated
Jun 21, 2026 - Python
AI-powered bug bounty hunting from your terminal - recon, 20 vuln classes, autonomous hunting, and report generation. All inside Claude Code.
A Claude Code skill bundle for bug hunting and external red-team work — 71 skills, 15 slash commands, 681 disclosed-report patterns curated across 24 core vulnerability classes, plus enterprise identity + infrastructure attack matrices.
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Tips and Tutorials for Bug Bounty and also Penetration Tests.
Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term (dork) with a default set of websites, bug bounty programs or custom collection.
BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔
Bug bounty agent framework for Claude Code, Codex, Gemini, Cursor, Windsurf, Copilot, and OpenClaw — 48 agents, 26 commands, 19 CLI tools, 2 MCP servers, autonomous hunt loops, exploit chain builder.
This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Jie stands out as a comprehensive security assessment and exploitation tool meticulously crafted for web applications. Its robust suite of features encompasses vulnerability scanning, information gathering, and exploitation, elevating it to an indispensable toolkit for both security professionals and penetration testers. 挖洞辅助工具(漏洞扫描、信息收集)
Bugcrowd’s baseline priority ratings for common security vulnerabilities
DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it
Monitoring framework to detect and report newly found subdomains on a specific target using various scanning tools
Python library and CLI for the Bug Bounty Recon API
Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]
Hacking tools
⚡Chrome extension allows you to create lists of Google and Github dork to open multiple tabs with one click, import "scope/out of scope" from #HackerOne #Bugcrowd #Intigriti ...
Add a description, image, and links to the bugcrowd topic page so that developers can more easily learn about it.
To associate your repository with the bugcrowd topic, visit your repo's landing page and select "manage topics."