After years of bug bounty hunting, I got frustrated with existing scanners. Too slow, too many false positives.
So I built Lonkero – a Rust-powered web vulnerability scanner optimized for real-world hunting.
What makes it different:
- 60+ modules (XSS, SQLi, SSRF, IDOR, misconfigs)
- Built for speed – handles thousands of requests
- Low noise – focuses on exploitable findings
I've used it to find 130+ valid bugs across various programs.
What's your current recon/scanning workflow?