Area44 Bug Bounty Suite is a full-spectrum offensive security platform combining web app testing, AI/LLM red teaming, and live threat intelligence in a single self-hosted HTML file.

Two engines, one workspace—switch modes from the top bar.

C.I.C.I. — OSINT & Intelligence Collection
Multi-source target enumeration, infrastructure mapping, threat actor tracking, and breach data correlation. Pivot directly into T.A.P. from any result.

T.A.P. — 15-Module Pentest & Bounty Matrix
• CVE Lookup — live NVD queries with CVSS scoring
• Vuln Mapping — correlate findings into attack chains
• XSS — reflected, stored, DOM, mXSS, polyglots
• SQLi — union, blind, time-based, OOB, second-order
• SSTI — Jinja2, Twig, Freemarker, ERB, Velocity
• Command Injection — bash, encoding bypasses, blind
• Path Traversal — encoding chains, null byte, archive escapes
• Prompt Injection — direct, indirect, agentic, multimodal
• Jailbreaks — DAN variants, role-play, encoding bypasses
• LLM OWASP Top 10 (2025) — full payload coverage
• Adversarial ML — extraction, evasion, poisoning, MIA
• AI Report — auto-generated, client-ready
• MITRE ATT&CK — technique mapping
• CISA KEV — exploited-in-the-wild prioritization
• Bounty Hub — programs, scope, payout tracking

Built for bug bounty hunters, red teamers, and consultants—everything in one place. No install, no telemetry, no outbound calls beyond authorized intel APIs.