Run an automated agentic recon and scan on an authorized bounty target
Enumerate subdomains via certificate transparency and probe for CORS issues
Scan JavaScript files for leaked secrets during a hunt
Stream live findings to a dashboard at port 8765 for review
Ships in Full YOLO mode with safety gates off; only run against authorized targets.
DayZero is a command-line and web-dashboard tool for automated bug bounty work, that is, probing websites for security flaws under a program where the owner has agreed to be tested. The README presents it as an open-source agentic framework built on top of another project called ZeroClaw. The author positions it as a way for a single researcher to run a long chain of reconnaissance and scanning steps without doing each one by hand.

The central piece is what the author calls the Hunt Brain. It looks at what early tools have found, such as discovered subdomains, detected technologies, leaked secrets, or vulnerability hits, and then queues follow-up tools accordingly. The README lists twelve integrated tools that the brain can pull from, including certificate transparency lookups for subdomains, JavaScript file analysis, a CORS probe, a parameter fuzzer, SSL and port checks, secret scanning, and a set of heuristic vulnerability checks.

Findings are stored in a local SQLite database so they persist across sessions, and a real-time dashboard at port 8765 streams events using server-sent events.

It can also call out to a language model for reasoning during a mission. The bring-your-own-key setup supports OpenRouter, OpenAI, Anthropic, Google AI, Groq, Ollama for local models, and any OpenAI-compatible custom endpoint. The README says keys live only on the user's machine and never in the repository, and dayzero reset-api can wipe stored keys.

Installation is a one-line script for Windows PowerShell or Linux and macOS shell, or a manual git clone plus an install command. After install, dayzero hunt --target example.com runs the default agentic hunt, with --quick, --deep, and --full variants for shallower or fuller scans.

The README is upfront that it ships in a Full YOLO mode with safety gates off and frames it for authorized lab use. The repository has 1 star and version 3.1.0.
Generated 2026-05-22 · Model: sonnet-4-6 · Verify against the repo before relying on details.