Bug Hunter Tools v1.0
🕸️

Bug Hunter Tools

Passive recon, checkers, scanners & more — built for bug bounty hunters

Select a tool below to get started

Reconnaissance
🌐
Subdomain Enumeration
Passive · OSINT
Discover subdomains of a target domain by querying multiple passive sources simultaneously. Deduplicates results, resolves IPs, and ranks by resolution status.
crt.sh HackerTarget URLScan AlienVault
FREE
Reconnaissance
🔗
Endpoint Scan
Passive · URL Discovery
Harvest known URLs and endpoints for a domain from web archives and OSINT APIs. Filter by JS files, API paths, params, admin panels, and more.
Wayback URLScan OTX CommonCrawl
FREE
Formatting
🧹
JSON Beautifier
Format · Minify · Tree View
Beautify or minify JSON with syntax highlighting and an interactive collapsible tree view. Supports key sorting, indent options, live conversion, copy & download.
Beautify Minify Tree View Sort Keys
FREE
Encoding
📦
Base64 Encoder / Decoder
Encoding · Decoding · Client-side
Encode or decode Base64 with live conversion, multiple variants (Standard, URL-safe, No Padding, MIME), file upload support, and one-click copy & download. Nothing leaves your browser.
Standard URL-safe MIME File Upload
FREE
API Key
🔑
Google / Gemini API Key Checker
Key Validation · Scope Discovery
Test a leaked Google or Gemini API key against 10 services to determine its scope and access level. Checks Gemini models, text generation, Maps APIs, and more. All requests are client-side only.
Gemini Maps Places Geocoding
FREE
Scanner
🦾
Web App Scanner
Active · Vulnerability Detection
Full-featured web application security scanner. Detects SSL/TLS issues, security header misconfigurations, exposed files, CORS, Heartbleed, and generates detailed HTML reports.
SSL/TLS Headers Misconfig Reports
PRIVATE
This page contains FREE and PRIVATE bug bounty hunter tools, and will be updated from time to time.