new-target
CommunityRun safe first recon on a new bug bounty.
Software Engineering#subdomain discovery#bug bounty#technology fingerprinting#cve lookup#js analysis#endpoint mapping#recon enumeration
Authorcuongnguyen-git
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps you quickly and safely understand a brand-new bug bounty target by building an initial map of scope-aligned domains, live hosts, endpoints, JS assets, and relevant CVEs without jumping into exploitation.
Core Features & Use Cases
- Scope-driven recon: Parses
scope.md, generates a deduplicated root domain list (handling wildcards), and runs every phase only within scope-aligned roots. - End-to-end recon workflow: Enumerates subdomains, identifies live hosts, fingerprints tech stack, maps endpoints and historical URLs, and extracts JS-heavy surfaces.
- Target triage outputs: Produces recon artifacts plus a summary file with counts, discovered technologies, suggested manual starting points, and CVE hits for identified tech.
- Guardrails for safety: Explicitly avoids exploitation, avoids brute force, avoids writing to
/mnt/c/, and only runs targeted nuclei CVE templates (critical/high).
Quick Start
Run the skill with the program identifier as the argument so it reads ~/bugbounty/[target]/scope.md and writes all recon outputs into ~/bugbounty/[target]/recon/ in Kali WSL.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: new-target Download link: https://github.com/cuongnguyen-git/bug-bounty/archive/main.zip#new-target Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.