Everything you need to automate Hacking

Manage projects - Organize your targets, and re-use your workflow templates to quickly start hacking on a new target.
CI/CD like workflows - Automate scans by creating workflows, and re-use it across targets.
Self-hosted Runners - Host runners on your own infrastructure, and run any command you want.
Bhlast servers - Burp collaborator like server, listen on incoming requests and respond to them.
Payload management - Store common payloads and re-use them across targets simply by changing the variable.
Notifications - Get notified when a scan contains a diff, or when a request is made to your bhlast server.

Automation is a solved problem

CI/CD systems have been around for a while now. They automated manual tasks. So why not automate the hacking process with the same principles, and expand it to include other hacking tasks like listener server (like burp collaborator), payload management, notifications, etc? That's what BountyHub is all about.

Nikola Jokic

Creator of BountyHub

Manage projects

Manage multiple active/inactive projects

Each project is usually your target, but it doesn't have to be. Organize them as you see fit. When you stop hacking on one of them, you can simply deactivate it and activate it again when you want to hack on it again. Configure variables and re-use your workflow templates to quickly start hacking on a new target. Get notified when a scan contains a diff, so you can be one of the first to exploit a new vulnerability.

CI/CD like workflows

Gradually build your workflow

When you see yourself repeating the same steps over and over again, you can improve your existing workflow by adding steps/scans to it. Previous versions will be kept, so you can always go back or inspect the results while waiting on the new one to be scheduled. Once you feel confident in your new workflow, you can remove the old one to save space.

Self-hosted Runners

Host runners on your own infrastructure

Register runners on your machines. Running on your own infrastructure gives you power to install any tools you want, and run any command you want. You can have your proprietary tools installed on your runners and run them on your projects. The platform will only send the commands to your runners, and the output will be sent back to the platform.

Bhlast servers

Burp collaborator like server

Listen on incoming requests and respond to them. Configure DNS records to evade filters, and get notified when a request is made. Listen for blind attacks, and get notified when a request is made.

Payload management

Manage your payloads and template them for reuse across targets

Store your payloads in the platform, and use them across your projects. When you find a new vulnerability, you can quickly create a new payload to use it for other targets. You can also template your payloads, so tailoring the payload to your target is a breeze.