Solutions
The Bounty Security Toolkit
Four tools. One ecosystem. Every profile you build works across the entire suite — from Burp Suite extensions to standalone scanners. Pick the tools that fit your workflow.
Professional Tools
Burp Bounty Pro
Burp Suite Extension — Custom Vulnerability Scanner
Extends Burp Suite with 254 vulnerability profiles, Smart Scan rules that chain passive detection with active attacks, and multi-step scanning with cookie reuse for authenticated workflows. 30+ insertion point types, per-scan thread control, and tag-based profile management — all without writing code.
Core capabilities: Smart Scan (IF-THEN rules) · Multi-step scanning · Time-based detection · Global variables · Tag-based passive scan launching · Per-scan thread pools with pause/resume · Match & Replace for authentication · .bb profile import/export
Burp Suite Professional required · Java 14+ · Set up in 5 minutes

Burp Bounty Go
High-Performance Distributed Scanner — Golang Engine
A Golang-powered scanning engine processing 10,000+ requests per second. Run multiple scanning servers on localhost or remote VPS, detect blind vulnerabilities with the built-in Blind Host, and manage everything from Burp Suite. Scale horizontally — one server or ten.
Core capabilities: Distributed scanning servers · Built-in Blind Host ({BH} token) · Multi-step profiles · Active & passive scanning · String, regex, status code, time-based & OOB detection · Tag-based scan launching · Cross-platform (Linux, macOS, Windows)
Works with Burp Suite · Runs on Linux, macOS, and Windows
Open Source
GBounty
Standalone Golang Scanner · Free & Open Source
High-speed web vulnerability scanner built in Go. Multi-step, profile-based scanning with the same .bb profile format used by Burp Bounty Pro and Go — your custom profiles work across all three tools. Native binaries for Linux, Windows, and macOS. No dependencies.
Highlights: Golang performance · Multi-step profiles · Cross-platform · Compatible .bb profile format · Thousands of req/sec
Bounty Prompt
AI-Powered Security Analysis · Free & Open Source
Burp Suite extension that connects HTTP traffic directly to AI engines. Send requests and responses to Burp AI or Groq Cloud with pre-configured security prompts — get vulnerability analysis, payload suggestions, and authentication flow insights without leaving Burp Suite.
Highlights: Pre-configured security prompts · Dual AI engine support · Dynamic HTTP tags · Automated Burp Suite issue creation
🔗 One Profile Format. Every Tool.
Burp Bounty Pro, Burp Bounty Go, and GBounty all share the same .bb profile format. Build a custom vulnerability profile once, export it, and use it across your entire toolkit — from Burp Suite extensions to standalone command-line scanning. Share profiles across your team with a single file.
Which Tool Is Right for You?
| | Burp Bounty Pro | Burp Bounty Go | GBounty | Bounty Prompt |
|---|---|---|---|---|
| Type | Burp Extension | Burp Extension + Golang Server | Standalone CLI | Burp Extension |
| License | Paid | Paid | Free / OSS | Free / OSS |
| Custom Profiles (.bb) | ✅ | ✅ | ✅ | — |
| Smart Scan (IF-THEN Rules) | ✅ 27 rules | — | — | — |
| Multi-Step Scanning | ✅ | ✅ | ✅ | — |
| Distributed Scanning | — | ✅ Multi-server | — | — |
| Built-in OOB Detection | Via Burp Collaborator | ✅ Blind Host | — | — |
| Performance | Per-scan threads | 10K+ req/sec | High (Golang) | — |
| AI-Powered Analysis | — | — | — | ✅ Burp AI + Groq |
| Requires Burp Suite | Yes (Professional) | Yes | No | Yes |
| Best For | Pentesters who want deep, customizable scanning inside Burp Suite | Teams needing raw speed and distributed scanning at scale | CI/CD pipelines, scripted workflows, or scanning without Burp | Security researchers who want AI insights on HTTP traffic |
Not Sure Where to Start?
Most users start with Burp Bounty Pro for deep Burp Suite integration, then add Burp Bounty Go when they need raw speed and distributed scanning.