bug-bounty-hunting
CommunityRun a disciplined bug hunt from zero.
Education & Research#reconnaissance#report writing#evidence validation#bug bounty#exploit chain#vulnerability triage
Authorctahok
Version1.0.0
Installs0
System Documentation
What problem does it solve?
It helps you avoid aimless probing and consistently produce valid, impact-backed bug bounty results by guiding each stage from recon through validation and reporting.
Core Features & Use Cases
- 5-phase, non-linear methodology: Mode confirmation, mindset, reconnaissance, active hunting, and validation/triage.
- Chain-oriented exploitation planning: Systematically escalate from a signal bug (A) to compounding impact (B/C) instead of treating findings as isolated issues.
- Hard gates for proof quality: A “7-Question Gate” and pre-submission checks that kill low-confidence or out-of-scope claims before writing reports.
- Target selection framework: Crown-jewel targeting (auth, financials, upload/import, APIs, cloud metadata surfaces) to maximize payout probability.
Quick Start
Use the command: "Start bug bounty hunting for this target by confirming engagement type, running recon, selecting 1-2 vuln classes, and then applying the 7-question gate before drafting any report."
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: bug-bounty-hunting Download link: https://github.com/ctahok/hermes-bug-bounty-skills/archive/main.zip#bug-bounty-hunting Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.