Bounty Prompt is an Open-Source Burp Suite extension by Bounty Security that leverages advanced AI via Burp AI and Groq AI. It enables users to generate intelligent security testing prompts and tailored responses by analyzing selected HTTP requests and responses from various sources in Burp Suite.
Bounty Prompt



Bounty Prompt is an open-source Burp Suite extension developed by Bounty Security that leverages advanced AI technology through both Burp AI and Groq Cloud. It allows you to save pre-configured AI prompts and automatically attach selected HTTP requests and responses from Burp Suite. This combined data is sent to the AI engine, which analyzes your HTTP traffic and provides tailored security testing insights—helping to streamline vulnerability assessments and penetration testing workflows.

Bounty Prompt not only delivers tailored security testing insights, but also actively responds to your specific queries. For instance, it can detect sensitive information within responses, scrutinize parameters to pinpoint potential vulnerabilities, and more. Moreover, the extension supports a comprehensive set of HTTP tags, allowing you to seamlessly incorporate key elements of HTTP traffic—such as headers, parameters, bodies, and cookies—directly into your prompts.


Usage with Burp AI


WARNING! Burp AI requires Burp Suite Pro Early Adopter 2025.2 or newer with Burp AI support:

  1. Install the extension.
  2. Specify the prompts directory in the Config tab.
  3. Enable Use AI in the extension.
  4. Select the desired HTTP requests/responses in Burp Suite.
  5. Right-click and choose the Burp AI menu option.
  6. The prompt will be sent to Burp AI, and the resulting output or issue will be displayed accordingly.

Usage with Groq Cloud


To use Groq Cloud:

  1. Ensure you have a valid Groq Cloud API key and select the desired AI model from the configuration.
  2. Specify the prompts directory in the Config tab.
  3. Select the desired HTTP requests/responses in Burp Suite.
  4. Right-click and choose the Groq Cloud menu option.
  5. If the Groq API key is not configured or is empty, a popup will prompt you to configure it in the Config tab.
  6. The prompt will be sent to Groq Cloud using the specified API key and model. The output or created issue will then be displayed within Burp Suite.


For more details on Groq Cloud, visit: Groq Cloud

Features


  • AI-Driven Prompt Generation: Harness the power of AI to generate customized security testing prompts tailored to your web application assessments.
  • Advanced HTTP Tag Support: Automatically insert specific HTTP data into your prompts using predefined tags such as [HTTP_Requests], [HTTP_Requests_Headers], [HTTP_Requests_Parameters], [HTTP_Request_Body], [HTTP_Responses], [HTTP_Response_Headers], [HTTP_Response_Body], [HTTP_Status_Code], and [HTTP_Cookies].
  • Issue Creation Integration: Seamlessly create issues in Burp Suite with detailed descriptions generated by the AI, including dynamic severity and confidence settings.
  • Flexible Configuration: Customize prompts with fields for Title, Author, Output Type, Severity, and Confidence directly from an intuitive graphical interface.
  • User-Friendly Interface: Easily trigger prompt generation via a context menu, with a streamlined workflow for selecting and analyzing HTTP messages.
  • Robust Error Handling: Provides clear notifications and error messages during prompt generation and issue creation, ensuring a smooth user experience.
  • Dual AI Integration: Now supports both Burp AI and Groq Cloud AI:
    • Burp AI: Leverages the latest Burp AI technology integrated directly into Burp Suite.
    • Groq Cloud AI: Utilizes advanced AI models hosted on Groq Cloud for scalable and powerful analysis.

For more information, please visit our website: https://bountysecurity.ai

Load the Extension


  1. Navigate to Extender > Extensions.
  2. Click Add.
  3. Select Extension Type: Java.
  4. Click Select file... and choose the compiled JAR file from the repository (or the directory containing your compiled classes).
  5. Click Next and wait for the extension to load. You should see the extension named Bounty Prompt in the list.

Configuration


The extension allows you to configure AI prompts. Each prompt consists of the following fields:

  • Title: The title of the prompt.
  • Author: Your identifier (e.g., @bountysecurity).
  • Output Type: Choose between Issue or Prompt Output.
  • Severity: For issues – options include Information, Low, Medium, and High.
  • Confidence: For issues – options include Certain, Firm, and Tentative.
  • System Prompt: Instructions for the AI to define its role (e.g., "You are a web security expert specialized in SQL injection analysis...").
  • User Prompt: The question or task for the AI. This field may include special tags (see Supported HTTP Tags).

AI Prompts


Configure your prompts in the extension UI. For issue-related prompts, set the Output Type to Issue and select the desired Severity and Confidence levels. For prompts that display output, set the Output Type to Prompt Output.

Supported HTTP Tags


You can include the following tags in the User Prompt to automatically insert specific HTTP properties into your prompt:

  • [HTTP_Requests]: Includes the complete HTTP request text.
  • [HTTP_Requests_Headers]: Includes only the HTTP request headers.
  • [HTTP_Requests_Parameters]: Includes the query string parameters from the HTTP request URL.
  • [HTTP_Request_Body]: Includes the HTTP request body (if available).
  • [HTTP_Responses]: Includes the complete HTTP response text.
  • [HTTP_Response_Headers]: Includes only the HTTP response headers.
  • [HTTP_Response_Body]: Includes the HTTP response body.
  • [HTTP_Status_Code]: Includes the HTTP response status code (e.g., 200, 404).
  • [HTTP_Cookies]: Includes cookies extracted from the HTTP request or response.
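The tag expansion described above, as an added Python example that is not the extension's own (Java) code: each supported tag in a User Prompt is replaced with the matching part of a raw HTTP request/response, and unknown tags are left untouched. The request, response and template used here are constructed for illustration.

```python
# Added example, not Bounty Prompt's own code: expand [HTTP_*] tags in a User Prompt.
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed sample traffic (not captured from a real target)
SAMPLE_REQUEST = (
    "GET /search?q=test&id=42 HTTP/1.1\r\n"
    "Host: example.com\r\n"
    "Cookie: session=abc123\r\n"
    "\r\n"
)
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.4.1\r\n"
    "Set-Cookie: tracking=xyz; HttpOnly\r\n"
    "\r\n"
    "<html>Internal IP 10.0.0.5</html>"
)

def split_message(raw):
    """Split raw HTTP text into (start line, [(name, value)] headers, body)."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    lines = head.split("\n")
    headers = [tuple(p.strip() for p in h.split(":", 1)) for h in lines[1:] if ":" in h]
    return lines[0], headers, body

def header_text(headers):
    return "\n".join(f"{k}: {v}" for k, v in headers)

def expand_tags(template, request, response):
    """Replace every supported tag with its HTTP property; other text is kept as is."""
    req_line, req_headers, req_body = split_message(request)
    status_line, resp_headers, resp_body = split_message(response)
    query = urlsplit(req_line.split(" ")[1]).query  # query string of the request URL
    cookies = [v for k, v in req_headers if k.lower() == "cookie"]
    cookies += [v for k, v in resp_headers if k.lower() == "set-cookie"]
    values = {
        "[HTTP_Requests]": request,
        "[HTTP_Requests_Headers]": header_text(req_headers),
        "[HTTP_Requests_Parameters]": "\n".join(
            f"{k}={v}" for k, v in parse_qsl(query, keep_blank_values=True)),
        "[HTTP_Request_Body]": req_body,
        "[HTTP_Responses]": response,
        "[HTTP_Response_Headers]": header_text(resp_headers),
        "[HTTP_Response_Body]": resp_body,
        "[HTTP_Status_Code]": status_line.split(" ")[1],
        "[HTTP_Cookies]": "\n".join(cookies),
    }
    pattern = re.compile("|".join(re.escape(t) for t in values))
    return pattern.sub(lambda m: values[m.group(0)], template)
```

Because [HTTP_Cookies] and [HTTP_Requests] carry session material verbatim, a prompt that uses them sends that material to whichever AI backend is configured; with Groq Cloud that is an external service.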

Example Prompts


Below are some sample prompts you can use or modify:

SQL Injection & Other Attack Parameters Issue

  • Title: SQL Injection & Other Attack Parameters Issue

  • Author: @bountysecurity

  • Output Type: Issue

  • Severity: High

  • Confidence: Firm

  • System Prompt:

      You are a web security expert specialized in vulnerability analysis. Analyze the provided HTTP requests and identify parameters that may be vulnerable to SQL injection, XSS, command injection, and other attacks. For each potential vulnerability, list the URL and the vulnerable parameter(s). If none are found, respond with "NONE".
    
  • User Prompt:

      Please analyze the following HTTP request parameters for potential vulnerabilities. Output only the URL and the vulnerable parameter names in the following format:
      
      These are the URLs and parameters potentially vulnerable:
      - URL
        - Parameter1
        - Parameter2
      [HTTP_Requests_Parameters]
    

Sensitive Information Disclosure Issue

  • Title: Sensitive Information Disclosure Issue

  • Author: @bountysecurity

  • Output Type: Issue

  • Severity: Medium

  • Confidence: Tentative

  • System Prompt:

      You are a web security expert focused on identifying sensitive information disclosures. Analyze the provided HTTP responses for accidental exposure of sensitive data such as internal IPs, version numbers, and configuration details. For each finding, output the URL and the line number where the sensitive information appears. If no sensitive information is found, respond with "NONE".
    
  • User Prompt:

      Analyze the following HTTP responses for any sensitive information.
      [HTTP_Responses]
    

(Additional prompt examples are available in the prompts directory.)

Contributing


Contributions are welcome! Please fork the repository, submit pull requests, or open issues if you have suggestions, find bugs, or want to improve the extension. Ensure that your contributions follow the existing code style and include appropriate tests and documentation.

License


This project is licensed under the MIT License.

Contact


For questions or support, please contact: hello@bountysecurity.ai
