# Bug Bounty Orchestrator

Autonomous bug bounty hunting system powered by Claude Code. An orchestrator agent coordinates specialized subagents that discover targets, scan repos, investigate findings, and draft reports.

Agent-first: operational instructions live in `CLAUDE.md` (loop, priorities, DB workflow, submission formats, and helper scripts). Humans should treat this repo as agent-operated state.

## Architecture

```
Orchestrator (Claude Code)
├── Scout        — discovers active bug bounty programs with open-source repos
├── Scanner      — clones repos, runs semgrep + trufflehog + nuclei, triages findings
├── Investigator — deep-dives medium-confidence findings, traces data flow, builds PoCs
├── Reporter     — turns validated findings into platform-ready submissions
└── CVE Monitor  — checks targets against recent CVEs
```

## How It Works

The orchestrator runs a continuous loop: **orient → decide → act → harvest → (human handoff) → loop**.

- Findings are tracked in SQLite (`data/findings.db`) with the status progression `raw → triaged → investigating → draft → submitted → accepted → paid`
- A human is only needed for account creation, report submission, platform communication, and spending approval; the agent never advances a finding past `draft` on its own
- Quality over volume: one solid report beats ten weak ones

## Platforms

- [Huntr](https://huntr.com)
- [HackerOne](https://hackerone.com)

## Tools

- **Semgrep** — static analysis (OWASP, security-audit rules)
- **TruffleHog** — secret detection
- **Nuclei** — template-based vulnerability scanning

Semgrep and TruffleHog run against the cloned source in `data/repos/`. Nuclei probes live hosts, so run it only against assets listed in a program's published scope.

## Setup

```bash
chmod +x setup.sh && ./setup.sh
```

Installs dependencies, creates the findings database, and sets up the directory structure.
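The findings-database workflow from "How It Works" (raw findings ingested from a scanner, a fixed status progression, and a human-only handoff for submission) as an added, self-contained model. This is example code written for this page, not the orchestrator's own `CLAUDE.md` helpers or its real schema: the table layout, the fingerprint scheme, the `closed` terminal state, the `actor` field and the embedded semgrep output are all assumptions. The sample `SAMPLE_SEMGREP` dict is constructed to match the shape of `semgrep --json` (`results[].check_id`, `path`, `start.line`, `extra.severity`).

```python
"""Model of the findings DB state machine (added example, not the project's code)."""
import hashlib
import json
import sqlite3
from datetime import datetime, timezone

# Status progression exactly as the README lists it.
STATUSES = ["raw", "triaged", "investigating", "draft", "submitted", "accepted", "paid"]
# Assumed rule: a finding moves one step forward, or to "closed" (assumed terminal state) from anywhere.
ALLOWED = {s: {STATUSES[i + 1]} for i, s in enumerate(STATUSES[:-1])}
for s in STATUSES:
    ALLOWED.setdefault(s, set()).add("closed")
# Submission, acceptance and payout happen on the platform, so only the human may record them.
HUMAN_ONLY = {"submitted", "accepted", "paid"}

SCHEMA = """
CREATE TABLE IF NOT EXISTS findings (
    id          INTEGER PRIMARY KEY,
    fingerprint TEXT UNIQUE NOT NULL,
    target      TEXT NOT NULL,
    tool        TEXT NOT NULL,
    rule_id     TEXT NOT NULL,
    path        TEXT NOT NULL,
    line        INTEGER NOT NULL,
    severity    TEXT NOT NULL,
    status      TEXT NOT NULL DEFAULT 'raw',
    created_at  TEXT NOT NULL
);
CREATE TABLE IF NOT EXISTS status_log (
    finding_id INTEGER NOT NULL,
    old_status TEXT,
    new_status TEXT NOT NULL,
    actor      TEXT NOT NULL,
    at         TEXT NOT NULL
);
"""

# Constructed sample in the shape of `semgrep --json` output (not real scan data).
SAMPLE_SEMGREP = {
    "results": [
        {"check_id": "python.lang.security.audit.subprocess-shell-true",
         "path": "app/tasks.py", "start": {"line": 42}, "extra": {"severity": "WARNING"}},
        {"check_id": "python.django.security.injection.sql.sql-injection-using-raw",
         "path": "app/views.py", "start": {"line": 118}, "extra": {"severity": "ERROR"}},
    ]
}


def now():
    return datetime.now(timezone.utc).isoformat()


def open_db(path=":memory:"):
    conn = sqlite3.connect(path)
    conn.executescript(SCHEMA)
    return conn


def fingerprint(target, rule_id, path, line):
    # Stable key so re-scanning the same repo does not create duplicate raw findings.
    return hashlib.sha256(f"{target}|{rule_id}|{path}|{line}".encode()).hexdigest()[:16]


def ingest_semgrep(conn, target, semgrep_json):
    """Insert semgrep results as `raw` findings; returns the number of genuinely new rows."""
    new = 0
    for r in semgrep_json["results"]:
        fp = fingerprint(target, r["check_id"], r["path"], r["start"]["line"])
        cur = conn.execute(
            "INSERT OR IGNORE INTO findings "
            "(fingerprint, target, tool, rule_id, path, line, severity, created_at) "
            "VALUES (?, ?, ?, ?, ?, ?, ?, ?)",
            (fp, target, "semgrep", r["check_id"], r["path"], r["start"]["line"],
             r["extra"]["severity"], now()),
        )
        new += cur.rowcount  # 0 when the fingerprint already existed
    conn.commit()
    return new


def advance(conn, finding_id, new_status, actor):
    """Move one finding along the progression; rejects skipped steps and agent-side submission."""
    row = conn.execute("SELECT status FROM findings WHERE id = ?", (finding_id,)).fetchone()
    if row is None:
        raise KeyError(finding_id)
    old = row[0]
    if new_status not in ALLOWED.get(old, set()):
        raise ValueError(f"illegal transition {old} -> {new_status}")
    if new_status in HUMAN_ONLY and actor != "human":
        raise PermissionError(f"{new_status} requires the human handoff")
    conn.execute("UPDATE findings SET status = ? WHERE id = ?", (new_status, finding_id))
    conn.execute("INSERT INTO status_log VALUES (?, ?, ?, ?, ?)",
                 (finding_id, old, new_status, actor, now()))
    conn.commit()
    return new_status


def work_queue(conn):
    """Orient step: open findings, highest semgrep severity first, oldest first within a severity."""
    order = {"ERROR": 0, "WARNING": 1, "INFO": 2}
    rows = conn.execute(
        "SELECT id, severity, status, rule_id FROM findings "
        "WHERE status NOT IN ('closed', 'paid')").fetchall()
    return sorted(rows, key=lambda r: (order.get(r[1], 3), r[0]))


if __name__ == "__main__":
    db = open_db()
    print("new findings:", ingest_semgrep(db, "acme/app", SAMPLE_SEMGREP))
    print("re-scan adds:", ingest_semgrep(db, "acme/app", SAMPLE_SEMGREP))
    print(json.dumps(work_queue(db)))
```

Two properties worth keeping in any real implementation: re-ingesting the same scan is a no-op because the fingerprint is the unique key, and `advance` refuses to record `submitted` unless the actor is the human, which is how the "human handoff" step is enforced in data rather than by convention.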
## Project Structure

```
├── .claude/agents/   # Subagent system prompts
├── briefings/        # Scan results, target lists, CVE reports
├── data/
│   ├── findings.db   # All findings + scan log + spending log
│   ├── targets.json  # Active target list
│   └── repos/        # Cloned target repositories
├── reports/          # Draft and final reports
├── config.yaml       # Platform, scanner, and triage settings
└── setup.sh          # Dependency installer
```