GBounty and GBounty Profiles Designer.

Website Vulnerability

Fast, reliable, and highly customizable.

Already have a license?  Download your software.

or discover more

Website scanner designed to find unique vulnerabilities.

GBounty is a standalone command line website vulnerability scanner developed in Golang designed to help companies, pentesters, and bug hunters identify potential vulnerabilities in web applications. Some of the key benefits include:

  • Fast: GBounty is designed to identify potential vulnerabilities in web applications more quickly, saving you time and effort.
  • Reliable: GBounty uses different types of scans (active and passive) to perform a comprehensive analysis of the target website, ensuring that potential vulnerabilities are identified accurately.
  • Customizable: GBounty allows you to easily implement and search for new vulnerabilities in a quick manner.
  • Integrable: GBounty can be integrated into your CI (continuous integration) scans and run on Linux, Windows, and macOS systems.
  • Valuable information collection: In addition to identifying vulnerabilities, GBounty can also collect valuable information that can be useful during manual pentesting, such as identifying vulnerable parameters, detecting software versions, and more.

With GBounty, you can quickly and accurately identify potential vulnerabilities in web applications, saving you time and effort. Try it out today and see the difference for yourself!

Please, see the Documentation section for more information.

Why GBounty?


It can help you to identify potential vulnerabilities in web applications more quickly.


The different types of scans: active and passive, allow you to perform a complete analysis on the target.


You can implement new vulnerabilities in few seconds, and then GBounty will take care of finding them for you.


Yearly Plan

  • Billed each year
  • Tri-device activation
  • 5-day refund guarantee

GBounty Profiles Designer.

GBounty Profiles Designer is a powerful tool that gives you the ability to create custom web vulnerability profiles for use with GBounty. Some of the key benefits include:

  • Easy to use: It offers a graphical interface that makes it easy to create new vulnerability profiles.
  • Customization: It has a unique customization capacity, with new insertion points and search types that allow you to tailor the profiles to your specific needs.
  • Passive and active profiles: You can create both passive and active vulnerability profiles, which can be used to perform a comprehensive review of a web application.
  • Fast and efficient: It allows you to create new vulnerability profiles in a simple and fast way, so you can integrate new web vulnerabilities into your tests quickly.

Easy usage

The graphical interface it allows you to create new profiles in a few seconds.

Advanced profiles

More customizable web vulnerability profiles to control your scans.

More powerful

Extracting the insertion points from the requests, a in-deep analysis is ensured.

Better performance

Speed and efficiency in the web vulnerability scans are in our DNA.

Main clients.

These are some of our most recognized clients.


What do our users say about GBounty ?
 Jason Haddix
Jason Haddix @Jhaddix
Read More
Burp bounty is 🔥🔥🔥
Aditya Shende 🇮🇳
Aditya Shende 🇮🇳 @ADITYASHENDE17
Read More
Yesterday night I used tool of @BurpBounty . Found 3 SSRF with fastest HTTP interaction, More fast than collaborator everywhere. Profile section part is really awesome. Combined burpbounty with hunt master. ❤️❤️ Big Shout out to @BurpBounty
BApp Store
BApp Store @BApp_Store
Read More
We asked, you answered. Our top Twitter extensions are as follows: - Turbo Intruder - Flow - Logger++ - Hackvertor - Param Miner - Burp Bounty, Scan Check Builder - Auto Repeater
Ozgur Alp
Ozgur Alp @ozgur_bbh
Read More
For the last 2 weeks I started using Burp Bounty actively within my own configured profiles/settings. Today I find the first valid vuln within that, which Burp active scan didn't found it so thanks @BurpBounty for latest improvements on the extension regarding my feedback
Harsh Bothra
Harsh Bothra @harshbothra_
Read More
Burp Extensions that I use: (1/n) 1. Autorize - To Test BACs 2. Burp Bounty - Profile-based Scanner 3. Active Scan++ - Add more power to Burp's Active Scanner 4. AuthMatrix - Authorization/PrivEsc Checks 5. Broken Link Hijacking - For BLH #bugbountytips #bugbounty
Diego Jurado
Diego Jurado @djurado9
Read More
Go check the new Burp Bounty release! This awesome plugin helps me a lot in my daily bug hunting and pentest 💪🏼 #bugbounty
 epic bounties
epic bounties @epicbounties
Read More
Para mejorar la calidad de los escaneos de tú herramienta Burpsuite, te recomendamos añadir los siguientes plugins: Burp Bounty, Additional Scanner Checks, AWS-extender, Swagger Parser, WSDLER, J2EEScan, JSON Beautifier. #bugbounty #bugbountyspain #bugbountyespañol
sw33tLie @sw33tLie
Read More
Never heard of "Burp Bounty"? Then check it out, it's an awesome Burp extension and you should be using it already! #bugbountytips!
Zach @Nu11ifidian
Read More
Burp Bounty Pro is so legit. Best tool I've EVER purchased (and it's less than $80). It's found vulnerabilities that I missed every test I've done with it so far, and it just keeps getting better. @BurpBounty Great job, money VERY well spent! @_Bugbountytips_
Read More
Edu Garcia, @cobalt_io , Core #pentester, shares insights on his #BurpSuite extension, Burp #Bounty. In this session, he will explore what it is, how it works, and why it’s useful. #bugbounty #bugbountytip #security #cybersecurity #hacking #girlswhocode
Six2dez @Six2dez1
Read More
😎Seriously, you should already be using Burp Bounty Pro @BurpBounty #BugBounty #bugbountytips
STÖK ✌️ @stokfredrik
Read More
Bounty Thursdays - H1 paid $2.4m to hackers in ONE week , VirSecCon aftermath & Burp Bounty update

Any questions?

Read our FAQ or contact us

Stay tuned.