A Claude Code skill bundle for bug hunting and external red-team work — 71 skills, 15 slash commands, 681 disclosed-report patterns curated across 24 core vulnerability classes, plus enterprise identity + infrastructure attack matrices.
# Add to your Claude Code skills
git clone https://github.com/elementalsouls/Claude-BugHunterGuides for using testing skills like Claude-BugHunter.
Last scanned: 5/24/2026
{
"issues": [],
"status": "PASSED",
"scannedAt": "2026-05-24T07:20:39.781Z",
"semgrepRan": false,
"npmAuditRan": true,
"pipAuditRan": true
}Claude-BugHunter is an open-source testing skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by elementalsouls. A Claude Code skill bundle for bug hunting and external red-team work — 71 skills, 15 slash commands, 681 disclosed-report patterns curated across 24 core vulnerability classes, plus enterprise identity + infrastructure attack matrices. It has 2,887 GitHub stars.
Yes. Claude-BugHunter passed SkillsLLM's automated security scan — a dependency vulnerability audit plus prompt-injection heuristics — with no high-severity issues. You can read the full report in the Security Report section on this page.
Clone the repository with "git clone https://github.com/elementalsouls/Claude-BugHunter" and add it to your Claude Code skills directory (see the Installation section above).
Claude-BugHunter is primarily written in Python. It is open-source under elementalsouls on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other Testing skills you can browse and compare side by side. Open the Testing category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh Claude-BugHunter against similar tools.
No comments yet. Be the first to share your thoughts!
Top skills in this category by stars
Based on votes and bookmarks from developers who liked this skill
A self-contained Claude skill bundle for bug hunting and external red-team work · 71 skills · 15 slash commands · 681 disclosed-report patterns across 24 core vulnerability classes · enterprise identity + infrastructure attack matrices · engagement-folder scaffolding · Burp MCP integration · battle-tested across authorized red-team and bug-hunting engagements, plus public training platforms (DVWA, OWASP Juice Shop, Hacker101, testphp.vulnweb.com).
Built by Sachin Sharma — Bug Hunting & GenAI Security Research.
claude-bughunter is a drop-in skill bundle for the Claude Code skills system. Install once and Claude Code stops being a chatbot and starts behaving like a senior bug-hunting researcher or red-team operator: it knows the techniques, the chain templates, the VRT mappings, the platform CVE chains, and the hygiene — and it stays in scope.
Four layers stack:
bb-methodology + redteam-mindset: the 5-phase non-linear workflow, critical-thinking framework, and red-team operator discipline.hunt-* skills curated from 681 disclosed HackerOne reports: per-class detection patterns, payloads, bypass tables, and chain templates.triage-validation + reporting + evidence-hygiene: the 7-Question Gate, VRT-aware severity, OOS rebuttals, PII redaction, and red-team deliverables.All triggered automatically by topic — describe what you're testing in plain English and the relevant skill loads. No invocation by name.
Option A — install as a Claude Code plugin (recommended). From inside Claude Code:
/plugin marketplace add elementalsouls/Claude-BugHunter
/plugin install claude-bughunter@elementalsouls
All 71 skills + 15 commands load namespaced under claude-bughunter: and update when you bump the plugin version — no files copied into ~/.claude/.
Option B — copy install (no plugin system / pin to a clone):
git clone https://github.com/elementalsouls/Claude-BugHunter.git
cd Claude-BugHunter
bash scripts/install.sh # copies skills + commands into ~/.claude/
What each install path gives you:
| Path | 71 skills + 15 slash commands | cbh CLI |
hunt scaffolder |
|---|---|---|---|
| A — plugin | ✅ namespaced under claude-bughunter: |
➕ separate pipx install |
❌ clone-only |
| B — copy install | ✅ copied into ~/.claude/ |
✅ from the clone | ✅ from the clone |
The plugin is the fastest path to the skills + slash commands. The terminal-native
cbh runner installs standalone — pipx install git+https://github.com/elementalsouls/Claude-BugHunter
— so plugin users can add it without a full clone (see cbh CLI).
The hunt engagement scaffolder ships with the clone (Option B).
That's it. Open Claude Code and describe what you're testing in plain English — the right skill loads automatically, no invocation by name:
> Testing acme.com — an in-scope HackerOne target. Run recon and rank the surface.
⟳ loading skills: web2-recon, offensive-osint, bb-methodology …
→ subdomain enum (subfinder + crt.sh) … 47 hosts
→ live hosts (httpx) … 12 · tech fingerprint … 6 distinct stacks
→ ranked surface: api.acme.com (GraphQL, introspection ON) ← start here
auth.acme.com (OAuth, SSO) ← hunt-oauth
Next: want me to probe the GraphQL introspection + OAuth redirect_uri?
→ Full Installation guide · Usage guide · searchable skill catalog.
The block above is an illustrative transcript. To record a real demo of your own session:
asciinema rec demo.cast→ upload to asciinema.org and drop the badge here.
The skills are plain Agent Skills — the same SKILL.md format that Claude Code · OpenCode · OpenAI Codex CLI · Hermes Agent all load. One command installs them everywhere:
bash scripts/install.sh --all --burp-mcp
--all copies the skills to every harness's path (~/.claude/skills, ~/.agents/skills, ~/.hermes/skills); --burp-mcp wires the Burp MCP server into each. The full knowledge layer ports to all four — the slash commands and /hunt engine stay Claude-Code-only by design.
This bundle covers the external attack surface — anything reachable from the internet without first compromising an internal endpoint.
If you're running an internal red team that includes domain-takeover chains via Kerberos or lateral movement, this bundle won't help you in those phases — and we'd rather say that up front than have you find out mid-engagement. The external surface handoff to internal-RT tooling (Impacket, NetExec, CrackMapExec, Rubeus, Certify, BloodHound) is intentionally outside our scope. Coverage for internal AD and post-exploit may come in a future update.
71 skills, auto-loaded by topic — no invocation by name. Coverage across the external attack surface:
| Category | # | Examples |
|---|---|---|
| Web application hunting | 13 | XSS, SQLi, SSRF, IDOR, LFI, SSTI, XXE, CSRF, CORS, open-redirect |
| Authentication & identity | 7 | auth-bypass, session, OAuth, SAML, MFA-bypass, ATO |
| API & infrastructure | 15 | GraphQL, gRPC, WebSocket, API-misconfig, host-header, RCE |
| Advanced & concurrency | 6 | race-condition, HTTP smuggling, deserialization, cache-poison |
| Framework-specific | 4 | Next.js, Node.js, Laravel, Spring Boot |
| Enterprise identity & cloud ★ | 3 | M365/Entra, Okta, cloud-IAM-deep |
| Infrastructure & appliance ★ | 4 | VMware vCenter, enterprise VPN, SharePoint, ASP.NET/NTLM |
| Red-team tradecraft ★ | 4 | redteam-mindset, APK pipeline, supply-chain recon, mid-engagement IR |
| Recon & OSINT | 4 | web2-recon, offensive-osint, subdomain |
| Workflow, reporting & specialized | 11 | methodology, triage-validation, evidence-hygiene, VRT-aware reporting |
Full searchable catalog → docs/skills.md. Also ships 15 slash commands (/hunt, /recon, /report, …) and a deterministic engagement engine (engine/) that maps a target's attack surface and routes each finding to the skill that handles it.
A 6-phase, non-linear workflow — recon → map & rank → hunt → validate → report — with scope enforced in code and a 7-Question Gate before anything is submitted. Two ways to drive it: