BugBounty Companion
Up your game by being more efficient than others!
A BugBounty companion script for Immunefi. Check out high-reward bug bounty projects and scale your bug bounty hunting.
TL;DR: clones Immunefi repositories filtered by the highest rewards.
⚠️ HACKY SCRIPT! – shell-executes stuff without checking! USE AT OWN RISK
Usage
$ bugbounty.py [sync|unique|clone|no-dryrun]
default output folder is $(pwd)/bugbounty_repos/<project>
Examples
- sync with immunefi website and dump results to json file
$ bugbounty.py sync [unique]
- show unique repos in cache
$ bugbounty.py unique
- (dry-run) clone all unique repos
$ bugbounty.py unique clone
- (actually) clone all unique repos
$ bugbounty.py unique clone no-dryrun
I don’t know what to do?!
⚠️ PSA: Reminder, this script is an ugly hack but it works. USE AT OWN RISK.
$ bugbounty.py sync unique # 1) download bounty info and cache it; filter unique repos
$ bugbounty.py unique clone # 2) dry-run clone - double-check that this is what you want to do
$ bugbounty.py unique clone no-dryrun # 3) actually checkout all the repos to $(pwd)/bugbounty_repos/<project>
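Since the script shell-executes commands built from scraped data, it helps to see what a checked clone step looks like. The following is an added example, not code from bugbounty.py: the function names, the GitHub-only allowlist and the sample URLs are assumptions made for illustration.

```python
import re
import subprocess
from pathlib import Path
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"github.com"}             # assumption: only GitHub-hosted repos are wanted
SAFE_PART = re.compile(r"[A-Za-z0-9_.-]+")  # characters accepted in owner and repo names

def clone_argv(url, out_root="bugbounty_repos"):
    """Return the git argv for one scraped URL; raise ValueError if it is unsafe."""
    parts = urlsplit(url)
    if parts.scheme != "https" or parts.hostname not in ALLOWED_HOSTS:
        raise ValueError(f"scheme/host not allowed: {url!r}")
    if parts.username or parts.password or parts.port or parts.query or parts.fragment:
        raise ValueError(f"unexpected URL component: {url!r}")
    segments = [s for s in parts.path.split("/") if s]
    if len(segments) < 2:
        raise ValueError(f"not an owner/repo URL: {url!r}")
    # Keep only owner/repo, so links into /tree/... or /blob/... collapse to the repo.
    owner, repo = segments[0], segments[1].removesuffix(".git")
    for name in (owner, repo):
        if name in (".", "..") or not SAFE_PART.fullmatch(name):
            raise ValueError(f"unsafe path segment {name!r} in {url!r}")
    dest = Path(out_root) / owner / repo
    # Rebuild the URL from validated parts; "--" ends git option parsing.
    return ["git", "clone", "--", f"https://{parts.hostname}/{owner}/{repo}.git", str(dest)]

def clone_all(urls, out_root="bugbounty_repos", dry_run=True):
    """Validate and deduplicate; clone only when dry_run is False. Returns (planned, rejected)."""
    planned, rejected, seen = [], [], set()
    for url in urls:
        try:
            argv = clone_argv(url.strip(), out_root)
        except ValueError as exc:
            rejected.append(str(exc))
            continue
        if argv[-1].lower() in seen:
            continue
        seen.add(argv[-1].lower())
        planned.append(argv)
        if not dry_run:
            # Argument list with shell=False: no shell ever parses the scraped text.
            subprocess.run(argv, shell=False, check=False, timeout=600)
    return planned, rejected

SAMPLE = [  # constructed input, not real Immunefi data
    "https://github.com/example-org/vault-contracts",
    "https://github.com/example-org/vault-contracts/tree/main/src",
    "https://github.com/example-org/repo;echo injected",
    "http://github.com/example-org/insecure",
    "https://evil.example/example-org/repo",
    "https://github.com/example-org/..",
]
```

Calling `clone_all(SAMPLE)` returns the planned commands and the rejection reasons without touching the network, which mirrors the dry-run step above.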
Cool, but when Lambo 🏎️?
- Check for similar issues in all code-bases
- Run your tools, code-smell detectors
  - e.g. semgrep – semgrep now supports Solidity! Write patterns, find bugs, at scale
- Submit Bugs for Bounties
- Lambo 🏎️ $$ 🥳🥳
Donate
Got rich? Consider giving back by supporting the eth security community and my projects ❤️
Be a Hero, tip a 🍺 ▶ Ƀ: 1AZMeGVfCBbYwVYyG9s79pJDyocTZgiApa | Ξth: 0x438B38E30eF117C15fBfF833f9C2c70182925815