MyuriKanao/src-hunter-skill
实战 SRC / 众测 / Bug bounty 漏洞挖掘 Claude Code skill — 19 个攻击类 playbook、305 个结构化 payload、263 个 WAF/EDR 绕过、2887 份 HackerOne 真实案例、88,636 WooYun 案例统计
SUMMARY AI summary by gpt-5-mini
src-hunter is a Claude Code skill for SRC teams, crowdtesting and bug‑bounty hunters to run a repeatable black‑box vulnerability workflow: intake → recon → enum → hunt → report. It bundles a knowledge base (19 attack playbooks, 305 structured payloads, WAF/EDR bypass variants, HackerOne high/critical reports, WooYun stats, common component fingerprints and default creds) plus CVSS report templates. Key features: - Playbook-driven tests (XSS, RCE, SSRF, IDOR, SQLi, API, mobile, etc.) with examples, payloads and evidence rules. - Local MCP tool integration (jshookmcp) for browser automation, CDP, network intercept, JS/Frida/WASM tooling, ADB, SSL pinning bypass. - Data sources: public HackerOne, WooYun, Payloader collections. - Ethical bounds and safe-testing rules embedded (sampling limits, no third‑party account abuse, no destructive actions, PII redaction, OOB handling). Install via Claude Marketplace or git. MIT license.
DETECTED Detected AI stack
AI-related keywords found in this repo's description, topics, or README summary — grouped by category. Each badge links to the corresponding ranking detail page.
GitHub Topics
Owner
Dates
| Created on GitHub | 2026-05-09 |
| Last push | 2026-05-09 |
| First seen here | 2026-05-09 |
| Last fetched | 2026-05-09 18:13 |