Bounty Security Releases GBounty: Our Web Scanning Tool is Now Open Source
Bounty Security is thrilled to announce that we have open-sourced several of our flagship tools under the MIT license. This move is our way of giving back to the community that has supported us, allowing everyone to benefit from and contribute to these powerful resources. The tools now available are:
- GBounty Scanner: A multi-step website vulnerability scanner developed in Golang to help companies, pentesters, and bug hunters identify potential vulnerabilities in web applications. Key features include:
  - Cutting-edge design leveraging Golang for exceptional speed and precision from the command line.
  - High-speed vulnerability discovery without sacrificing accuracy, maximizing testing efficiency.
  - Adaptability and versatility, allowing customization to suit specific scanning needs and preferences.
  - Seamless integration into CI workflows with compatibility across Linux, Windows, and macOS.
  - Comprehensive intelligence gathering that uncovers valuable insights like vulnerable parameters and software versions.
- GBounty Multi-Step Profiles: Customizable security test definitions used by GBounty Scanner to identify vulnerabilities. These profiles define a series of steps and conditions the scanner follows during analysis, including specific requests, insertion points, and search patterns to detect vulnerabilities.
- GBounty Profiles Designer: A user-friendly graphical interface tool that empowers you to design intricate multi-step web vulnerability profiles. It streamlines the creation and customization of GBounty vulnerability profiles, enabling swift integration of new web vulnerabilities into your assessments.
- Export to GBounty: A Burp Suite extension developed using the Montoya API. It allows users to export selected HTTP requests from Burp Suite, including the Site Map Tree, Repeater, and Message Editor, into a compressed ZIP file. This ZIP file can be directly used with the GBounty scanner using the command `gbounty -rf requests.zip`, enabling streamlined vulnerability scanning and management.
Access the GitHub repositories here:
- GBounty Scanner
- GBounty Multi-Step Profiles
- GBounty Profiles Designer
- Export To GBounty Burp Suite extension
By open-sourcing these tools, we aim to contribute back to the community that has provided us with immense value. We invite developers, security professionals, and enthusiasts to explore, use, and contribute to these projects. Together, we can enhance web security and foster innovation in the cybersecurity field.