Skip to content
View bess1lie's full-sized avatar
💤
💤

Block or report bess1lie

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
bess1lie/README.md
bess1lie

bess1lie

Security Engineer · Bug Bounty Hunter

Building detection-first, scope-aware security CLIs. Recon orchestration, GraphQL analysis, autonomous vulnerability detection.


📊 Stats


🛠 Tools

bounthunt
Scope-Aware Bug Bounty Orchestrator

repo v1.1.0 tests

Orchestrates subfinder · dnsx · httpx · naabu · nuclei · katana behind a YAML scope guard. SQLite history, checkpoint/resume, diff monitoring, reports.

⚡ Quick Start · 📖 Docs
gqlhunter
GraphQL Recon & Analysis CLI

repo v0.2.0 tests

Discovers GraphQL endpoints, runs introspection, classifies fields by risk, detects IDOR candidates, diffs schema. SARIF export, dashboard.

⚡ Quick Start · 📖 Docs

🧠 Philosophy

  • 🔍 Detection only, never exploitation — recon and analysis, never payloads
  • 🛡 Scope-aware — every action gated by YAML scope file
  • 📂 Open formats — SQLite, Markdown, HTML, JSON, SARIF 2.1.0
  • Two tools, two domains — infra recon + GraphQL analysis, no overlap

🔗 Links

Landing GitHub


MIT licensed · detection-only security tooling · Almaty

Pinned Loading

  1. bounthunt bounthunt Public

    Bug bounty automation framework — recon orchestration, scope-aware scanning, diff monitoring, checkpoint/resume

    Python 1

  2. gqlhunter gqlhunter Public

    GraphQL recon & analysis CLI — schema discovery, introspection, auth analysis, query variants, risk classification, dashboard

    Python 1