hunt-business-logic
CommunityFind high-impact auth, verification, and payout bugs
System Documentation
What problem does it solve?
It helps you discover business logic vulnerabilities where the application makes security- or money-critical decisions based on untrusted inputs, missing server-side verification, or spoofable controls.
Core Features & Use Cases
- Step-skip and verification bypass hunting: Identify flows where the UI enforces verification or authorization but the underlying endpoints still work when called directly.
- Payment and webhook integrity testing: Probe checkout, payment initiation, and callback/webhook endpoints for missing server validation and missing/weak signature verification.
- Rate-limit and trust-boundary probing: Check whether controls can be bypassed by rotating spoofable IP headers or replaying/altering stateful request data.
Use cases: hunting on e-commerce and payment flows, subscription and verification endpoints, marketplace/gig identity gates, and exposed internal/employee surfaces that are reachable without proper access control.
Quick Start
Use the hunt-business-logic skill on the target domain by asking me to enumerate authentication boundaries, verification flows, payment/webhook endpoints, and then draft findings focused on financial impact or unauthorized access.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: hunt-business-logic Download link: https://github.com/AKasem1/claude-bug-bounty/archive/main.zip#hunt-business-logic Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.