This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

Generate Claude Code bug bounty skills from public HackerOne reports and GitHub writeups — 18 vuln classes, no private reports needed

The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform

Complete collection of bug bounty reports from Hackerone.

A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser.(Addtl. support for 700+ bug bounty writeups.)

A tool to generate statistics and help manage bug bounty reports in HackerOne.

These tools are primarily intended for use in professional engagements, including both commissioned attacks and voluntary bug bounty programs on platforms like HackerOne and others. The goal is to identify and report potential vulnerabilities, contributing to a safer and more secure digital landscape.

HackerOne API tool for Strands Agents. Automate bug bounty research, program monitoring, and report management with AI.

An automated bug bounty recon pipeline with AI-powered host triage, findings analysis, and HackerOne report drafting.

Web Vulnerability Scanner automates bug hunting for web app vulnerabilities. It crawls sites, detects SQLi, XSS, & more, generating detailed reports. Real-time feedback enhances scanning process. Streamlines bug bounty hunting for platforms like HackerOne. Empowers users to proactively secure web apps.

The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform

📚 Publicly disclosed HackerOne bug bounty reports — curated for security researchers to learn real-world vulnerabilities & techniques.

Local-first bug bounty scope manager. Syncs HackerOne + Intigriti programs, scope, and reports into SQLite. Search, classify, export.

Safe, policy-aware HackerOne bug bounty automation MVP with passive recon, triage, professional reporting, and OpenClaw integration

Automated bug detection and reconnaissance toolkit for Crypto.com HackerOne Bug Bounty Program. Tools: Subfinder, API testing, vulnerability scanning, and reporting automation.

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

A powerful, feature-rich desktop application for creating professional vulnerability triage reports for HackerOne and bug bounty programs. Built with PyQt6, this tool streamlines the report writing process with intelligent automation and organization features.

A tool to help bug bounty hunters and security researchers resolve duplicate bug report issues on platforms like HackerOne. This repository provides a suite of tools and APIs to automatically detect, appeal, and manage duplicate bug reports, ensuring that critical vulnerabilities are addressed in a timely manner.

A safe, non-destructive bug-bounty helper that runs OWASP-lite checks and collects a “Proof Pack” (HTML report, HTTP transcript, JSON findings, curl repros). Great for HackerOne/Bugcrowd/VRPs to demonstrate impact without exploits.

An advanced bug bounty lab platform simulating real‑world SaaS security failures. Features pro‑to‑master level vulnerabilities including authorization invariant violations, race conditions, state desynchronization, and async logic flaws. No CTFs, no flags — code‑first, white‑box labs built to mirror real HackerOne reports.

HackHunt is a comprehensive bug bounty platform designed to connect security researchers with organizations seeking to improve their cybersecurity. Inspired by leading platforms like HackerOne and Bugcrowd, HackHunt provides a streamlined environment for vulnerability reporting, triaging, and rewards management.