bbrecon: Python library and CLI for the Bug Bounty Recon API
Bug Bounty Recon (bbrecon)
Bug Bounty Recon (bbrecon) is a free Recon-as-a-Service for bug bounty hunters and security researchers. The API aims to provide a continuously up-to-date map of the Internet “safe harbor” attack surface, excluding out-of-scope targets.
It comes with an ergonomic CLI and Python library.
This repository holds the CLI and Python library. Please see the website for more details.
- Public Programs – public bug bounty programs indexed and searchable with filters (live)
- Domains – domains in scope across programs (live)
- Private Programs – support for private programs (September 2020)
- Notifications – webhook alerts when programs are created, updated or domains discovered (September 2020)
- Endpoints – all HTTP and non-HTTP endpoints in scope across all programs (October 2020)
$ pip3 install bbrecon
bbrecon requires Python >= 3.8 – if pip tells you it can’t find bbrecon it’s probably because pip is using another Python version. Check this with pip3 –version.
If you intend to use the CLI, you should permanently configure your key:
Fetch an API key from the Console: https://console.bugbountyrecon.com
Only Google SSO is supported at this time.
$ bbrecon configure key Enter your API key: YOUR_API_KEY
You can alternatively set the BBRECON_KEY environment variable if you prefer.
The following will output all programs released in the last month that have “web” type targets (APIs/web apps):
To get scopes for specific programs, use get scopes:
To get domains for specific programs, use get domains:
Most commands can output JSON to make it easy to work with your scripts. Try –output json:
You can get information about specific programs by passing one or many slugs to the get programs command:
Note that some filters are lists, and can be used multiple times! If you wanted to get all programs that have mobile apps in scope you could run: