How do I use Bug Bounty MCP Server?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@Bug Bounty MCP Server find SQL injection testing methodology and payloads" That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

Bug Bounty MCP Server

by R-s0n

Overview Schema Related Servers Score Discussions

JavaScript

Local

Bug Bounty MCP Server

An MCP (Model Context Protocol) server that gives Claude Code access to a comprehensive bug bounty hunting knowledge base. Includes techniques, payloads, wordlists, real-world reports, and structured methodology.

Quick Start

# Install dependencies
npm install

# Clone knowledge base repos (PayloadsAllTheThings, HackTricks, HackTricks-Cloud, SecLists, DEFCON32 workshop)
npm run clone-repos

# Build
npm run build

# Run (stdio mode, default)
npm start

Add to Claude Code

Add to your Claude Code MCP config (~/.claude/settings.json or project .claude/settings.json):

{
  "mcpServers": {
    "bug-bounty-knowledge": {
      "command": "node",
      "args": ["/path/to/rs0n-bug-bounty-mcp-server/dist/index.js"]
    }
  }
}

The server uses stdio transport (no port needed), so there are no port conflicts with other MCP servers.

Tools (14)

Tool	Description
`search_techniques`	Full-text search across all knowledge sources
`get_payloads`	Payloads for 25 vulnerability categories
`get_methodology`	Testing methodology by target type
`get_rs0n_methodology`	rs0n's DEFCON32 methodology (Recon/Injection/Logic/Cloud)
`get_bounty_reports`	Real-world accepted and rejected reports
`assess_report_quality`	Evaluate if a finding will be accepted
`get_cloud_security`	AWS/Azure/GCP/K8s attack techniques
`get_waf_bypass`	WAF bypass techniques by vuln type
`browse_knowledge_base`	Navigate the knowledge base
`read_knowledge_file`	Read specific KB files
`list_wordlists`	Browse SecLists categories
`get_wordlist`	Retrieve a specific wordlist
`search_wordlists`	Find wordlists by keyword
`get_recommended_wordlist`	Get the best wordlist for a task

Knowledge Base Sources

PayloadsAllTheThings - Payload lists and bypass techniques
HackTricks - Comprehensive pentesting wiki
HackTricks-Cloud - Cloud security testing
SecLists - Wordlists for fuzzing, brute-forcing, and enumeration
DEFCON32 Workshop - rs0n's battle-tested methodology
778+ curated bug bounty reports (accepted) with detailed writeups
Rejected report patterns - What NOT to submit

Updating Knowledge Base

# Pull latest from all repos
npm run clone-repos

Install Server

license - permissive license

quality

maintenance

How are these scores calculated?

Resources

GitHub Repository

Need Help?

Related Servers

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Tools

View all tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/R-s0n/rs0n-bug-bounty-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server