claude-bughunter

A drop-in Claude Code skill bundle that makes Claude behave like a senior bug-hunting researcher or red-team operator — it knows the techniques, the chain templates, the VRT mappings, the platform CVE chains, and the hygiene, and it stays in scope.


What you get

  • 71 skills across recon, 48 web-app vuln-class + framework skills, enterprise platform attack, red-team tradecraft, and reporting — all auto-loading by topic, no invocation by name.
  • 681 disclosed-report patterns curated from public HackerOne reports.
  • Enterprise attack matrices — M365/Entra, Okta, SharePoint, vCenter, SSL-VPN, Android APK, supply-chain — with current 2024–2026 CVE chains.
  • Reporting + validation — 7-Question Gate, VRT mapping, evidence hygiene, and a client-facing red-team deliverable format.
  • Burp MCP integration and an engagement-folder scaffold.

Quickstart

# Clone and install into ~/.claude/
git clone https://github.com/elementalsouls/Claude-BugHunter.git
cd Claude-BugHunter
bash scripts/install.sh

Then open Claude Code and describe what you’re testing in plain English — the relevant skill loads automatically:

> I'm testing acme.com, an in-scope HackerOne target. Start recon and
  rank the attack surface.

See the full Installation guide and Usage guide.

Stay in scope

This bundle is for assets you own or are authorized to assess (in-scope bug-bounty programs, signed-RoE pentests, CTFs, your own lab). It ships validation gates that auto-trigger on ambiguity. See the Security policy.


