Supports security testing and reconnaissance for bug bounty programs, including subdomain enumeration, vulnerability scanning, and report generation for authorized assessments.
Uses environment variables for configuration of API keys, callback URLs, rate limiting, and security settings for the bug bounty tools.
Provides tools for detecting exposed .git directories and enumerating repository contents as part of security testing workflows.
Offers GraphQL security testing capabilities including introspection queries, mutation testing, and API vulnerability detection.
Supports security testing and reconnaissance for bug bounty programs, including subdomain enumeration, vulnerability scanning, and report generation for authorized assessments.
Designed to run on Kali Linux and similar security-focused operating systems, integrating with pre-installed security tools.
Integrates the Katana web crawler from ProjectDiscovery for deep web crawling and endpoint extraction during reconnaissance.
Generates professional bug bounty reports in Markdown format for vulnerability documentation and disclosure.
Includes NoSQL injection testing capabilities specifically targeting MongoDB databases for security assessments.
Integrates OWASP tools including ZAP and Amass for security testing, and follows OWASP Top 10 vulnerability guidelines.
Includes PHP file extensions in fuzzing and content discovery operations during web application security testing.
Supports integration with Burp Collaborator for out-of-band vulnerability testing and provides educational resources from Web Security Academy.
Built with Python 3.10+ and integrates Python-based security tools like sqlmap, jwt_tool, and git-dumper for vulnerability testing.
Provides tools for parsing and analyzing Swagger/OpenAPI documentation to discover and test API endpoints during security assessments.
Supports optional VirusTotal API integration for enhanced reconnaissance and threat intelligence gathering during security assessments.
Includes XXE (XML External Entity) injection testing capabilities for detecting XML-related security vulnerabilities.
Integrates OWASP ZAP for automated web application security scanning and vulnerability detection.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Bug Bounty Hunter MCPscan example.com for XSS and SQL injection vulnerabilities"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Bug Bounty Hunter MCP for Gemini Antigravity
The Ultimate Offensive Security MCP Server for your Gemini AI.
Transform your Gemini Antigravity environment into an elite Bug Bounty Hunter. This MCP server integrates 50+ professional security tools to perform autonomous reconnaissance, vulnerability scanning, and exploitation analysis directly from your chat interface.
Why This MCP?
AI-Powered Security: Let Gemini orchestrate complex attack chains.
Automated Recon: Go from domain to vulnerability report in minutes.
Comprehensive Coverage: From Subdomain Enumeration to RCE detection.
Built for Antigravity: Optimized for seamless integration with Gemini's ecosystem.
Installation for Gemini Antigravity
Follow these steps to equip your Gemini with Bug Bounty superpowers.
1. Prerequisites
Ensure you have the following installed on your system:
Python 3.10+
Go (for external tools like
subfinder,nuclei)Git
2. Clone & Setup Environment
3. Install External Tools (The Arsenal)
To unlock the full potential, install the core tools. We've included a helper script:
(Alternatively, check
4. Configure Gemini Antigravity
You need to register this MCP server so your Gemini AI can access it.
Option A: Using the Gemini CLI (Recommended)
If your Gemini environment supports dynamic MCP loading, locate your MCP configuration file (typically mcp.json or similar in your Gemini config directory, e.g., ~/.gemini/mcp.json or ~/.antigravity/mcp.json).
Add the following configuration:
IMPORTANT: Replace /path/to/BugBountyMCP with the absolute path to your cloned directory.
5. Verify Installation
Start your Gemini session and type:
You should see bugbounty listed as an active tool server.
The Arsenal (Capabilities)
Your Gemini is now equipped with these capabilities:
Reconnaissance (The Eyes)
Subdomain Enumeration:
subfinder,amass,assetfinderPort Scanning:
nmap,naabuHTTP Probing:
httpx(with tech detection)DNS & CT Logs: Deep DNS queries & Certificate Transparency checks
Spidering & Content (The Legs)
Deep Crawling:
katana,gospiderJS Analysis: Extract secrets from JavaScript files
Hidden Files:
dirsearch,gobuster,ffuf
Vulnerability Scanning (The Fangs)
Nuclei Engine: Template-based vulnerability scanning
Injection Testing: SQLi (
sqlmap), XSS, SSTI, Command InjectionAccess Control: IDOR, Path Traversal, LFI/RFI
Cloud Security: S3 Bucket scanning, Metadata exposure
Authentication & API (The Brain)
Auth Testing: JWT analysis, OAuth flow testing
API Security: GraphQL inspection, Swagger parsing, Rate limit testing
Usage Examples
Once installed, just talk to Gemini!
Full Recon Mission
You: "Run a full reconnaissance on
example.com."Gemini: Starts subdomain enumeration, port scanning, and probing...
Specific Vulnerability Scan
You: "Check
https://target.comfor XSS vulnerabilities."Gemini: Deploys XSS scanner and reports findings...
Cloud Audit
You: "Scan this S3 bucket
my-bucketfor public access."Gemini: Checks ACLs and content...
Legal Disclaimer
With great power comes great responsibility.
This tool is designed for authorized security testing and bug bounty hunting only.
Do not use on targets you do not have permission to test.
Always adhere to the Scope and Rules of Engagement.
Use responsibly.
Contributing
Join the hunt! PRs are welcome. Check CONTRIBUTING.md for details.
Built for the Gemini Antigravity Community Happy Hunting!