Comprehensive bug bounty assistant tool that streamlines security research workflows with automated reconnaissance, vulnerability scanning, and professional reporting

perplext/zerodaybuddy

ZeroDayBuddy - Bug Bounty Assistant Tool

ZeroDayBuddy is a comprehensive bug bounty assistant tool that streamlines the process of taking on new bounty programs and conducting end-to-end reconnaissance and testing.

Features

  • Platform Integration: Connect with popular bug bounty platforms (HackerOne, Bugcrowd) to fetch program details and scope
  • Scoped Project Setup: Automatically set up a structured project workspace ensuring compliance with program scope
  • Automated Reconnaissance: Perform initial recon to discover assets and identify "low-hanging fruit" vulnerabilities
  • Assisted Testing: Tools to help investigate complex vulnerabilities requiring human intuition
  • Proxy Support: Integration with web security proxies to facilitate manual exploration
  • Report Generation: Generate professional vulnerability reports for submission

Installation

Option 1: Download Pre-built Binary (Recommended)

Download the latest release for your platform from the GitHub Releases page.

Linux (x64):

curl -L -o zerodaybuddy https://github.com/perplext/zerodaybuddy/releases/latest/download/zerodaybuddy-linux-amd64
chmod +x zerodaybuddy
sudo mv zerodaybuddy /usr/local/bin/

macOS (Apple Silicon):

curl -L -o zerodaybuddy https://github.com/perplext/zerodaybuddy/releases/latest/download/zerodaybuddy-darwin-arm64
chmod +x zerodaybuddy
sudo mv zerodaybuddy /usr/local/bin/

macOS (Intel):

curl -L -o zerodaybuddy https://github.com/perplext/zerodaybuddy/releases/latest/download/zerodaybuddy-darwin-amd64
chmod +x zerodaybuddy
sudo mv zerodaybuddy /usr/local/bin/

Windows: Download zerodaybuddy-windows-amd64.exe from the releases page.

Option 2: Build from Source

# Clone the repository
git clone https://github.com/perplext/zerodaybuddy.git
cd zerodaybuddy

# Build the tool
go build -o zerodaybuddy ./cmd/zerodaybuddy

# Run the tool
./zerodaybuddy --help

Usage

CLI Mode

# Initialize ZeroDayBuddy
zerodaybuddy init

# List available bug bounty programs
zerodaybuddy list-programs

# Create a new project for a specific program  
zerodaybuddy project create --platform hackerone --program example-program

# Run reconnaissance
zerodaybuddy recon run --project example-program

# Run vulnerability scanning
zerodaybuddy scan run --project example-program

# Generate a report
zerodaybuddy report generate --project example-program --format markdown

Web Interface

# Start the web server
zerodaybuddy serve

Then open your browser and navigate to http://localhost:8080

Security and Ethics

ZeroDayBuddy is designed with security and ethics in mind:

  • Only scan targets that are explicitly in-scope for a bug bounty program
  • Never scan domains or systems without proper authorization
  • Respect rate limits and program rules
  • Store sensitive data securely
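One way to enforce the in-scope rule before any request is sent, as an added example that is not ZeroDayBuddy's own code. The `Scope` type, `matchHost`, `Allowed` and the wildcard semantics are assumptions made for illustration, and the hosts are constructed samples.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// Scope is a hypothetical type for this example, not ZeroDayBuddy's own.
type Scope struct{ In, Out []string }

// matchHost: "*.example.com" matches any subdomain but not the apex; other patterns match exactly.
func matchHost(pattern, host string) bool {
	pattern = strings.ToLower(strings.TrimSuffix(pattern, "."))
	if strings.HasPrefix(pattern, "*.") {
		suffix := pattern[1:] // ".example.com"
		return len(host) > len(suffix) && strings.HasSuffix(host, suffix)
	}
	return host == pattern
}

// Allowed is default-deny: exclusions win, then an in-scope pattern must match.
func (s Scope) Allowed(target string) bool {
	if !strings.Contains(target, "://") {
		target = "https://" + target // bare host or host:port
	}
	u, err := url.Parse(target)
	if err != nil || u.Hostname() == "" {
		return false
	}
	// Compare the parsed hostname, never the raw string, so userinfo and ports cannot spoof a match.
	host := strings.ToLower(strings.TrimSuffix(u.Hostname(), "."))
	for _, p := range s.Out {
		if matchHost(p, host) {
			return false
		}
	}
	for _, p := range s.In {
		if matchHost(p, host) {
			return true
		}
	}
	return false
}

func main() {
	s := Scope{In: []string{"*.example.com"}, Out: []string{"admin.example.com"}} // constructed sample
	fmt.Println(s.Allowed("api.example.com:8443"), s.Allowed("https://api.example.com@evil.test/"))
}
```

Matching on the parsed hostname rather than a substring is what keeps look-alike targets such as `api.example.com.evil.test` out of a scan queue.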

Documentation

License

This project is licensed under the MIT License - see the LICENSE file for details.
