AI-powered bug bounty hunting from your terminal - recon, 20 vuln classes, autonomous hunting, and report generation. All inside Claude Code.
Claude Bug Bounty is a Claude Code plugin that turns the Claude AI assistant into a terminal-based bug bounty hunting workflow covering reconnaissance through report submission. It installs a set of slash commands, including `/recon`, `/hunt`, `/validate`, `/report`, and `/autopilot`, each backed by external open-source tools such as subfinder, httpx, nuclei, katana, ffuf, and dalfox. The `/hunt` command tests for 20 Web2 vulnerability classes including IDOR, SSRF, SQL injection, HTTP request smuggling, and SAML attacks, while `/web3-audit` runs a 10-class smart contract audit against Solidity files with Foundry proof-of-concept templates. A 7-Question Gate in `/validate` filters out weak findings before reporting, and `/report` generates platform-specific submissions for HackerOne, Bugcrowd, Intigriti, and Immunefi in roughly 60 seconds. The plugin stores hunt memory in JSONL files, allowing sessions to resume mid-target and carry patterns across engagements. It requires Claude Code with a Pro or Max plan, making it suited to security researchers already working within that environment.
- ✓Open-source license (MIT)
- ✓Actively maintained (<30d)
- ✓Healthy fork ratio
- ✓Clear description
- ✓Topics declared
- ✓Documented (README)
git clone https://github.com/shuvonsec/claude-bug-bountyTools overview
What people ask about claude-bug-bounty
What is shuvonsec/claude-bug-bounty?
+
shuvonsec/claude-bug-bounty is tools for the Claude AI ecosystem. AI-powered bug bounty hunting from your terminal - recon, 20 vuln classes, autonomous hunting, and report generation. All inside Claude Code. It has 2.8k GitHub stars and was last updated today.
How do I install claude-bug-bounty?
+
You can install claude-bug-bounty by cloning the repository (https://github.com/shuvonsec/claude-bug-bounty) or following the README instructions on GitHub. ClaudeWave also provides quick install blocks on this page.
Is shuvonsec/claude-bug-bounty safe to use?
+
Our security agent has analyzed shuvonsec/claude-bug-bounty and assigned a Trust Score of 100/100 (tier: Verified). See the full breakdown of passed checks and flags on this page.
Who maintains shuvonsec/claude-bug-bounty?
+
shuvonsec/claude-bug-bounty is maintained by shuvonsec. The last recorded GitHub activity is from today, with 12 open issues.
Are there alternatives to claude-bug-bounty?
+
Yes. On ClaudeWave you can browse similar tools at /categories/tools, sorted by popularity or recent activity.
Deploy claude-bug-bounty to your cloud
Ship this repo to production in minutes. Each platform spins up its own environment with editable env vars.
Maintain this repo? Add a badge to your README
Drop the badge into your GitHub README to show it's tracked on ClaudeWave. Each badge links back to this page and reflects the live Trust Score.
[](https://claudewave.com/repo/shuvonsec-claude-bug-bounty)<a href="https://claudewave.com/repo/shuvonsec-claude-bug-bounty"><img src="https://claudewave.com/api/badge/shuvonsec-claude-bug-bounty" alt="Featured on ClaudeWave: shuvonsec/claude-bug-bounty" width="320" height="64" /></a>More Tools
A single CLAUDE.md file to improve Claude Code behavior, derived from Andrej Karpathy's observations on LLM coding pitfalls.
An AI SKILL that provide design intelligence for building professional UI/UX multiple platforms
🪨 why use many token when few token do trick — Claude Code skill that cuts 65% of tokens by talking like caveman
AI coding assistant skill (Claude Code, Codex, OpenCode, Cursor, Gemini CLI, and more). Turn any folder of code, SQL schemas, R scripts, shell scripts, docs, papers, images, or videos into a queryable knowledge graph. App code + database schema + infrastructure in one graph.
A light-weight and powerful meta-prompting, context engineering and spec-driven development system for Claude Code by TÂCHES.
CLI proxy that reduces LLM token consumption by 60-90% on common dev commands. Single Rust binary, zero dependencies