bug-bounty
Bug Bounty Hunter - automatically scans for vulnerabilities, generates reports, and tracks rewards. Suited to: security researchers, white hats.
Install via ClawdBot CLI:
clawdbot install yang1002378395-cmyk/bug-bounty
Grade Limited — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Generated Mar 21, 2026
Security researchers use this skill to automatically scan web applications for vulnerabilities like SQL injection and XSS. It helps identify security flaws in client or internal projects, enabling proactive fixes before exploitation. This is common in industries like e-commerce or fintech where data breaches are costly.
White-hat hackers employ the skill to scan targets from bug bounty platforms, such as HackerOne or Bugcrowd, to find and report vulnerabilities for rewards. It streamlines the process from detection to report generation, increasing efficiency in submitting valid bugs. This supports industries with public-facing digital assets, like banking or social media.
Small and medium-sized enterprises use the skill to conduct affordable penetration tests on their websites or apps. It automates common vulnerability checks, providing reports with remediation steps to improve security posture without extensive resources. This is applicable across various sectors, including retail and healthcare.
Institutions or training programs integrate the skill to teach students about web vulnerabilities and bug bounty hunting. It allows hands-on practice with scanning tools and report writing, enhancing learning outcomes in cybersecurity courses. This is used in education and professional development industries.
Organizations leverage the skill to perform regular security audits for compliance with standards like PCI DSS or GDPR. It helps identify vulnerabilities that could lead to non-compliance, generating detailed reports for documentation and corrective actions. This is critical in regulated industries such as finance and healthcare.
Individuals offer bug bounty hunting services to clients, using the skill to scan and report vulnerabilities for a fee or percentage of rewards. It enables scalable, project-based work with automated tools to handle multiple clients efficiently. Revenue comes from fixed contracts or success-based bounties.
Companies integrate the skill into a software-as-a-service platform, providing automated vulnerability scanning and reporting tools to enterprise security teams. It reduces manual effort and improves response times for threat detection. Revenue is generated through subscription fees per user or scan volume.
Educational providers bundle the skill with courses to teach bug bounty techniques, offering certifications upon completion. It attracts learners seeking practical skills in cybersecurity, with revenue from course fees and certification renewals. This model capitalizes on the growing demand for security expertise.
💬 Integration Tip
Integrate with existing bug bounty platforms via APIs to automate submission and tracking, and ensure regular updates to vulnerability databases for accurate scans.
Scored Apr 19, 2026