ClaudeWave
Slash Command · 2k repo stars · updated 4d ago

remember

The /remember command saves vulnerability findings and successful hunting patterns to persistent memory by logging details to journal.jsonl and optionally patterns.jsonl files. Use it after discovering a vulnerability to auto-populate from session context or prior /validate output, then confirm severity and payout information so future hunts on similar targets can leverage successful techniques.

Install in Claude Code

```
mkdir -p ~/.claude/commands && curl -fsSL https://raw.githubusercontent.com/elementalsouls/Claude-BugHunter/HEAD/commands/remember.md -o ~/.claude/commands/remember.md
```

Then open a new Claude Code session; the slash command loads automatically.

remember.md

# /remember

Save a finding or successful pattern to persistent hunt memory.

## What This Does

1. Auto-populates fields from session context (target, endpoint, vuln_class, technique)
2. If `/validate` was run in this session, pre-fills from validation output
3. Prompts you to confirm or edit before saving
4. Writes to `journal.jsonl` (always) + `patterns.jsonl` (if confirmed + payout > 0)
5. Updates the target profile's `tested_endpoints` and `findings`

## Usage

```
/remember                    # after finding something
/remember --from-validate    # explicitly pull from last /validate
```

## Interactive Flow

```
REMEMBER — Log finding to hunt memory

Target:     target.com (auto-detected)
Endpoint:   /api/v2/users/{id}/orders (from session)
Vuln Class: idor (from session)
Technique:  numeric_id_swap_with_put_method

Result:     [confirmed / rejected / partial / informational]?
Severity:   [critical / high / medium / low]?
Payout:     $___?
Notes:      ___?
Tags:       [comma-separated]?

Save to hunt memory? [y/n]
```

## Minimum Required Fields

- target
- vuln_class
- endpoint
- result

## What Gets Written

| Field | journal.jsonl | patterns.jsonl | target profile |
|---|---|---|---|
| Finding details | Always | If confirmed + payout > 0 | findings[] updated |
| Tested endpoint | — | — | tested_endpoints[] updated |
| Tech stack | — | From target profile | — |
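
The routing in the table above, together with the minimum required fields, as an added Python sketch; it is not the project's own code. The `remember()` helper, the record layout, the in-memory `profile` dict and the 0600 file mode are assumptions made for illustration.

```python
import json
import os
from pathlib import Path

REQUIRED = ("target", "vuln_class", "endpoint", "result")  # "Minimum Required Fields"
RESULTS = {"confirmed", "rejected", "partial", "informational"}

def _append(path, record):
    # Added hardening choice (not stated on the page): create the file 0600,
    # because hunt memory holds details of findings that may be unpatched.
    fd = os.open(path, os.O_WRONLY | os.O_APPEND | os.O_CREAT, 0o600)
    with os.fdopen(fd, "a", encoding="utf-8") as fh:
        fh.write(json.dumps(record, sort_keys=True) + "\n")

def remember(memory_dir, finding, profile):
    """Hypothetical helper: persist one finding, return the files written."""
    missing = [k for k in REQUIRED if not finding.get(k)]
    if missing:
        raise ValueError("missing required fields: " + ", ".join(missing))
    if finding["result"] not in RESULTS:
        raise ValueError("unknown result: %r" % finding["result"])

    memory_dir = Path(memory_dir)
    memory_dir.mkdir(parents=True, exist_ok=True)
    _append(memory_dir / "journal.jsonl", finding)  # always written
    written = ["journal.jsonl"]

    # patterns.jsonl only for confirmed findings with payout > 0; the tech
    # stack is copied from the target profile, as in the table.
    if finding["result"] == "confirmed" and float(finding.get("payout") or 0) > 0:
        pattern = dict(finding, tech_stack=profile.get("tech_stack", []))
        _append(memory_dir / "patterns.jsonl", pattern)
        written.append("patterns.jsonl")

    # Target profile: record the endpoint once, append the finding.
    tested = profile.setdefault("tested_endpoints", [])
    if finding["endpoint"] not in tested:
        tested.append(finding["endpoint"])
    profile.setdefault("findings", []).append(finding)
    return written

if __name__ == "__main__":
    import tempfile
    sample = {"target": "target.com", "vuln_class": "idor", "result": "confirmed",
              "endpoint": "/api/v2/users/{id}/orders", "payout": 500}  # constructed
    print(remember(tempfile.mkdtemp(), sample, {"tech_stack": ["rails"]}))
```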

## Why This Matters

- Next time you hunt a target with similar tech stack, your successful patterns are suggested first
- `/pickup target.com` shows which endpoints you've tested and which remain
- Cross-target learning: patterns from target A inform hunting on target B

autopilot (Slash Command)

Run autonomous hunt loop on a target — scope check → recon → rank surface → hunt → validate → report with configurable checkpoints. Usage: /autopilot target.com [--paranoid|--normal|--yolo]

chain (Slash Command)

Build an exploit chain — given bug A, finds B and C to combine for higher severity and payout. Knows common chain patterns: IDOR→ATO, SSRF→cloud metadata, XSS→ATO, open redirect→OAuth theft, S3→bundle→secret→OAuth. Usage: /chain

hunt (Slash Command)

Active vulnerability hunting. Two-track dispatcher — asks Red Team vs WAPT, hands off to hunt-dispatch skill and sibling commands. Usage: /hunt target.com | /hunt *.target.com | /hunt targets.txt [--vuln-class X] [--source-code P] [--chrome]

intel (Slash Command)

On-demand intelligence fetch for a target — CVEs, disclosed reports, new features. Wraps learn.py + hunt memory context. Usage: /intel target.com

memory-gc (Slash Command)

Inspect or rotate hunt-memory JSONL files (audit.jsonl, patterns.jsonl, journal.jsonl). Caps file size and keeps N rotated backups so memory does not grow unbounded.

pickup (Slash Command)

Pick up a previous hunt on a target — shows hunt history, untested endpoints, and memory-informed suggestions. Usage: /pickup target.com

recon (Slash Command)

Run full recon pipeline on a target — subdomain enum (Chaos API + subfinder), live host discovery (dnsx + httpx), URL crawl (katana + waybackurls + gau), gf pattern classification, nuclei scan. Outputs to recon/<target>/ directory. Usage: /recon target.com

report (Slash Command)

Write a submission-ready bug bounty report. Generates H1/Bugcrowd/Intigriti/Immunefi format with CVSS 3.1 score, proof of concept, impact statement, and remediation. Run /validate first. Usage: /report