BugHunter – Bug Bounty Toolkit Powered by Claude and Free AI Providers
Cybersecurity NewsArchived Jun 13, 2026✓ Full text saved
A new open-source bug bounty hunting toolkit called BugHunter, built on top of Anthropic’s Claude Code and now extended to support free AI providers like Ollama and Groq, is gaining traction in the security research community for automating the full vulnerability discovery and reporting pipeline. Developed by security researcher Shuvon Md Shariar Shanaz and hosted […] The post BugHunter – Bug Bounty Toolkit Powered by Claude and Free AI Providers appeared first on Cyber Security News .
Full text archived locally
✦ AI Summary· Claude Sonnet
HomeCyber Security
BugHunter – Bug Bounty Toolkit Powered by Claude and Free AI Providers
By Guru Baran
June 13, 2026
A new open-source bug bounty hunting toolkit called BugHunter, built on top of Anthropic’s Claude Code and now extended to support free AI providers like Ollama and Groq, is gaining traction in the security research community for automating the full vulnerability discovery and reporting pipeline.
Developed by security researcher Shuvon Md Shariar Shanaz and hosted at GitHub, BugHunter covers every phase of a bug bounty engagement: subdomain enumeration, live host discovery, vulnerability testing across 20+ Web2 and 10 Web3 bug classes, finding validation via a 7-Question Gate, and submission-ready report generation for HackerOne, Bugcrowd, Intigriti, and Immunefi, all from a single terminal command.
Bug Bounty Standalone Toolkit
Previously limited to users with a Claude Code or Claude Pro subscription, BugHunter now ships as a fully standalone CLI tool the bughunter command powered by free and low-cost AI providers. The update significantly lowers the barrier to entry for independent researchers. Free provider support includes:
Ollama – fully offline, runs locally on the researcher’s machine at zero cost
Groq – free cloud tier with very fast inference speeds
DeepSeek – cloud-based at approximately $0.001 per 1,000 tokens
Claude API / OpenAI – paid, for users who prefer Anthropic or OpenAI models
BugHunter auto-detects providers in priority order (Ollama → Groq → DeepSeek → Claude → OpenAI), defaulting to the most cost-efficient available option. Researchers can switch providers at any time via bughunter setup.
Once installed, the toolkit exposes a structured CLI that mirrors a professional bug bounty workflow:
textbughunter recon target.com # Attack surface mapping
bughunter hunt target.com # Multi-class vulnerability testing
bughunter validate "finding" # 7-Question Gate validation
bughunter report # Generates platform-specific submission
bughunter chat # Interactive AI hunting shell
The 7-Question Gate executed during the validate command is designed to eliminate weak or duplicate findings before a researcher wastes time on a submission. Internally, the toolkit orchestrates approximately 35 scanning tools including subfinder, httpx, nuclei, katana, ffuf, and dalfox, with missing tools skipped gracefully rather than causing hard errors.
One technically notable capability is cross-session memory persistence. BugHunter logs findings and discovered patterns to a JSONL-based memory store, allowing vulnerability patterns identified on one target to surface as context when testing a new one.
Session state is preserved across restarts, so researchers can resume interrupted hunts prioritizing untested endpoints via bughunter pickup target.com.
Beyond traditional web application testing, BugHunter includes a dedicated smart contract audit mode covering 10 vulnerability classes, including reentrancy, flash loan attacks, oracle manipulation, and proxy/upgrade flaws.
A token auditor module also scans for rug pull indicators, mint authority, LP lock status, honeypot detection, and bonding curve anomalies — relevant to Immunefi-style Web3 programs.
Nine specialized AI agents handle individual tasks within the pipeline: a recon agent, report writer, validator, Web3 auditor, chain builder, autopilot, recon ranker, token auditor, and credential hunter with built-in legal guardrails that hard-stop before any credential spraying activity.
The toolkit installs as a Claude Code plugin, a standalone CLI, or into alternative agent harnesses including OpenCode, Pi Agent, and Codex, making it one of the more versatile open-source offerings in AI-assisted bug bounty automation currently available on GitHub.
Follow us on Google News, LinkedIn, and X to Get More Instant Updates.
Tags
cyber security
cyber security news
Copy URL
Linkedin
Twitter
ReddIt
Telegram
Guru Baranhttps://cybersecuritynews.com
Gurubaran KS is a cybersecurity analyst, and Journalist with a strong focus on emerging threats and digital defense strategies. He is the Co-Founder and Editor-in-Chief of Cyber Security News, where he leads editorial coverage on global cybersecurity developments.
Trending News
Ivanti Command Injection Vulnerability Exploited in Attacks Following PoC Release
New Linux Kernel Vulnerability Lets Attackers Escalate Privileges to Root
China-Linked JDY Botnet Uses 1,500+ SOHO and IoT Devices for Rapid Vulnerability Exploitation
73 Microsoft Packages Weaponized to Deploy Password Stealer Malware
Anthropic Released Claude Fable 5, the First Model in Mythos Class
Latest News
Cyber Security
Anthropic Fable 5 and Mythos 5 Access Blocked to All Users Following Government Directive
Cyber Security News
Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks
Cyber Security News
Hackers Abuse Legitimate NinjaOne RMM Software to Bypass Traditional Malware Detection
Cyber Security News
Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets
Cyber Security News
Hackers Use OnyxC2 Malware-as-a-Service to Steal Credentials From 210 Applications