
GBounty is a multi-step website vulnerability scanner developed in Golang designed to help companies, pentesters, and bug hunters identify potential vulnerabilities in web applications.
- Cutting-Edge Design: Crafted with the power of Golang, GBounty offers unparalleled speed and precision right from the command line.
- Precision Meets Speed: Discover vulnerabilities at breakneck speeds without compromising accuracy, maximizing your testing efficiency.
- Adaptable & Versatile: Tailor GBounty to your needs. Easily seek out new vulnerabilities and mold the software to your scanning preferences.
- Seamless Integration: Incorporate GBounty into your CI workflows with effortless compatibility across Linux, Windows, and macOS.
- Comprehensive Intelligence Gathering: Beyond vulnerability detection, GBounty amplifies manual pentesting efforts by uncovering valuable insights like vulnerable parameters and software versions.
Now Open Source! GBounty, previously a paid tool, has become open source, bringing the future of web security within everyone's reach.
Go to Github
GBounty Profiles Designer
GBounty Profiles Designer is a powerful tool that gives you the ability to create custom web vulnerability profiles for use with GBounty. Some of the key benefits include:
- Easy to use: It offers a graphical interface that makes it easy to create new vulnerability profiles.
- Customization: It has a unique customization capacity, with new insertion points and search types that allow you to tailor the profiles to your specific needs.
- Passive and active profiles: You can create both passive and active vulnerability profiles, which can be used to perform a comprehensive review of a web application.
- Fast and efficient: It allows you to create new vulnerability profiles in a simple and fast way, so you can integrate new web vulnerabilities into your tests quickly.

Burp Bounty Pro: Profiles-Based Authenticated Scanner
Discover the power of Burp Bounty Pro, the web vulnerability scanner that revolutionizes authenticated testing directly in Burp Suite. Designed for penetration testers, security teams, and bug hunters, Burp Bounty Pro automates security assessments—even within logged-in sessions—significantly reducing your audit time while expanding overall coverage.
Shop now
FAQs
Yes, GBounty is a multi-step website vulnerability scanner developen in Golang that uses the advanced and customized vulnerability profiles (same than a popular Burpsuite extension Burp Bounty Pro).
The great power of GBounty is that you can replicate the methodology you use to find vulnerabilities by creating your own custom vulnerability profiles, but GBounty have pre-loaded advances profiles that will help you in your auditing processes.
All software that automates processes is susceptible to generating false positives, but few like GBounty allow you to generate validations so that you can customize the tool to adapt to any environment and reduce the great problem of false positives.
If you have problems with the execution in MacOS you can try the following command:
xattr -rd com.apple.quarantine gbounty