Building detection-first, scope-aware security CLIs. Recon orchestration, GraphQL analysis, autonomous vulnerability detection.
| bounthunt Scope-Aware Bug Bounty Orchestrator Orchestrates subfinder · dnsx · httpx · naabu · nuclei · katana behind a YAML scope guard. SQLite history, checkpoint/resume, diff monitoring, reports. ⚡ Quick Start · 📖 Docs |
gqlhunter GraphQL Recon & Analysis CLI Discovers GraphQL endpoints, runs introspection, classifies fields by risk, detects IDOR candidates, diffs schema. SARIF export, dashboard. ⚡ Quick Start · 📖 Docs |
- 🔍 Detection only, never exploitation — recon and analysis, never payloads
- 🛡 Scope-aware — every action gated by YAML scope file
- 📂 Open formats — SQLite, Markdown, HTML, JSON, SARIF 2.1.0
- ⚙ Two tools, two domains — infra recon + GraphQL analysis, no overlap
MIT licensed · detection-only security tooling · Almaty