# BugBounty MCP Server Configuration
# Copy this file to .env and fill in your API keys
# =============================================================================
# API KEYS - Optional but recommended for enhanced functionality
# =============================================================================
# Every value in this section is a credential. Once filled in, the resulting
# .env is a secrets file: keep it out of version control and readable only by
# the account that runs the server.
# NOTE(review): this template does not show how the server loads these values
# or whether they can end up in logs or saved tool output - confirm before
# sharing logs or reports.
# Shodan API Key - For device and service discovery
# Get from: https://account.shodan.io/
SHODAN_API_KEY=
# VirusTotal API Key - For threat intelligence and file scanning
# Get from: https://www.virustotal.com/gui/my-apikey
VIRUSTOTAL_API_KEY=
# Censys API Credentials - For certificate and host search
# Get from: https://censys.io/api
# The ID and the secret form one credential pair; presumably both must be set
# for Censys lookups to work - confirm.
CENSYS_API_ID=
CENSYS_API_SECRET=
# GitHub Token - For repository and code search
# Get from: https://github.com/settings/tokens
# The stated use is search, which is read-only: issue a dedicated token with
# the narrowest scopes that still work - TODO confirm the scopes the server needs.
GITHUB_TOKEN=
# SecurityTrails API Key - For DNS history and domain intelligence
# Get from: https://securitytrails.com/corp/api
SECURITYTRAILS_API_KEY=
# Hunter.io API Key - For email discovery and verification
# Get from: https://hunter.io/api_keys
HUNTER_IO_API_KEY=
# BinaryEdge API Key - For internet scanning and device discovery
# Get from: https://app.binaryedge.io/account/api
BINARYEDGE_API_KEY=
# WhoisXML API Key - For WHOIS and domain data
# Get from: https://whoisxmlapi.com/
WHOISXML_API_KEY=
# FOFA API Key - For cyberspace search
# Get from: https://fofa.info/api
FOFA_API_KEY=
# =============================================================================
# CONFIGURATION OVERRIDES
# =============================================================================
# Logging Level (DEBUG, INFO, WARNING, ERROR, CRITICAL)
# NOTE(review): confirm that DEBUG does not write API keys, tokens or full
# request/response bodies to the log before enabling it on a shared host.
LOG_LEVEL=INFO
# Output Directory for reports and scan results
# Relative path; presumably resolved against the server's working directory - confirm.
# Reports and scan results describe weaknesses in the targets, so limit who
# can read this directory.
OUTPUT_DIR=./output
# Data Directory for persistent storage
# NOTE(review): what is persisted here is not documented in this template.
DATA_DIR=./data
# Maximum concurrent scans (adjust based on your system)
MAX_CONCURRENT_SCANS=10
# Default timeout for operations (seconds)
DEFAULT_TIMEOUT=30
# Rate limiting - requests per second
# NOTE(review): not shown whether this limit is global, per target or per tool;
# confirm, then set it at or below the rate limit of the engagement.
REQUESTS_PER_SECOND=10.0
# =============================================================================
# SAFETY CONFIGURATION
# =============================================================================
# These three settings are the scope controls of the server; review them for
# every engagement instead of carrying values over from a previous one.
# Enable safe mode (recommended for production)
# NOTE(review): what safe mode restricts is not documented in this template -
# confirm which tools or options it disables before relying on it.
SAFE_MODE=true
# Allowed targets (comma-separated, supports wildcards)
# Example: *.example.com,192.168.1.0/24,10.0.0.0/8
# Shipped empty. NOTE(review): confirm whether an empty list means "nothing is
# allowed" or "everything is allowed"; list the in-scope hosts and ranges
# explicitly rather than depending on the default.
# NOTE(review): the example mixes hostname wildcards and CIDR ranges; confirm
# how a hostname that resolves to an address outside the list is handled.
ALLOWED_TARGETS=
# Blocked targets (comma-separated, supports wildcards)
# Example: *.gov,*.mil,*.edu
# The shipped default below omits *.edu, which the example above includes.
# Presumably a blocked entry wins over an allowed one - confirm.
BLOCKED_TARGETS=*.gov,*.mil
# =============================================================================
# TOOL PATHS - Override if tools are not in PATH
# =============================================================================
# The defaults are bare command names, so the binary that runs is whichever one
# the PATH of the server process resolves first. Set an absolute path to pin
# the exact binary, in particular when the server runs with elevated privileges.
# Network scanning tools
NMAP_PATH=nmap
MASSCAN_PATH=masscan
# Web application tools
NUCLEI_PATH=nuclei
SUBFINDER_PATH=subfinder
HTTPX_PATH=httpx
GOBUSTER_PATH=gobuster
FFUF_PATH=ffuf
# Security testing tools
SQLMAP_PATH=sqlmap
NIKTO_PATH=nikto
DIRB_PATH=dirb
WPSCAN_PATH=wpscan
# Browser automation
# Both driver paths ship empty; presumably the automation layer then locates
# the driver on its own - confirm.
CHROME_DRIVER_PATH=
FIREFOX_DRIVER_PATH=
HEADLESS_BROWSER=true
# =============================================================================
# SCANNING CONFIGURATION
# =============================================================================
# Default ports to scan (comma-separated)
# Besides common remote-access, mail and web ports, the list includes database
# and cache ports (3306, 5432, 6379, 11211, 27017).
DEFAULT_PORTS=21,22,23,25,53,80,110,111,135,139,143,443,993,995,1723,3306,3389,5432,5900,8080,8443,8888,9090,27017,6379,11211,50070
# Number of top ports to scan when using --top-ports
TOP_PORTS=1000
# Scan rate for masscan (packets per second)
# NOTE(review): this is a packet rate and appears to be separate from
# REQUESTS_PER_SECOND - confirm, and keep it within what the target network
# and the rules of the engagement allow.
SCAN_RATE=1000
# Maximum crawl depth for web crawling
MAX_CRAWL_DEPTH=3
# Maximum pages to crawl per website
# Together with MAX_CRAWL_DEPTH this bounds the request volume of a crawl.
MAX_PAGES_TO_CRAWL=100
# =============================================================================
# WORDLIST PATHS
# =============================================================================
# All four paths are relative; presumably resolved against the server's working
# directory - confirm. The number of entries in a wordlist drives how many
# requests a run sends to the target.
# Subdomain wordlist
SUBDOMAIN_WORDLIST=wordlists/subdomains.txt
# Directory wordlist
DIRECTORY_WORDLIST=wordlists/directories.txt
# Common files wordlist
COMMON_FILES_WORDLIST=wordlists/common_files.txt
# Parameter wordlist
PARAMETER_WORDLIST=wordlists/parameters.txt
# =============================================================================
# REPORTING CONFIGURATION
# =============================================================================
# Default report format (json, html, pdf, csv)
# NOTE(review): how this default interacts with the CREATE_*_REPORT flags
# below is not shown in this template.
REPORT_FORMAT=json
# Save raw tool output
# Raw output can contain response bodies and other data retrieved from the
# targets; handle the saved files as engagement data, not as ordinary logs.
# NOTE(review): presumably written under OUTPUT_DIR - confirm.
SAVE_RAW_OUTPUT=true
# Create HTML reports automatically
# NOTE(review): confirm the HTML report escapes target-supplied content before
# opening it in a browser.
CREATE_HTML_REPORT=true
# Create PDF reports automatically (requires additional dependencies)
CREATE_PDF_REPORT=false
# =============================================================================
# CACHE CONFIGURATION
# =============================================================================
# Enable caching for improved performance
# NOTE(review): what is cached (API responses, scan results) and where it is
# stored is not shown in this template - confirm.
CACHE_ENABLED=true
# Cache TTL in seconds (1 hour default)
# A result served from the cache can be up to this many seconds old, so
# re-verify a finding against the live target before reporting it.
CACHE_TTL=3600
# =============================================================================
# EXAMPLE CONFIGURATIONS
# =============================================================================
# For internal penetration testing (RFC 1918 private ranges; safe mode off, block list empty):
# ALLOWED_TARGETS=192.168.0.0/16,10.0.0.0/8,172.16.0.0/12
# BLOCKED_TARGETS=
# SAFE_MODE=false
# MAX_CONCURRENT_SCANS=20
# For external bug bounty hunting:
# ALLOWED_TARGETS=*.example.com,*.subdomain.example.com
# BLOCKED_TARGETS=*.gov,*.mil,*.edu
# SAFE_MODE=true
# REQUESTS_PER_SECOND=5.0
# For development/testing (testphp.vulnweb.com is a public remote test site, not a local host):
# ALLOWED_TARGETS=localhost,127.0.0.1,testphp.vulnweb.com
# LOG_LEVEL=DEBUG
# CACHE_ENABLED=false