Accepting Applications

Find real bugs.
Earn real money.

We find vulnerabilities in open-source software using AI-powered tools and submit them to bounty platforms. Join the team, find bugs, get paid.

8+
Platforms
500+
Detectors
¥4k
Monthly (CNY)
AI
Powered

Contents

01 What is OwlMind 02 What we look for 03 How it works 04 Onboarding 05 Your tools 06 Daily workflow 07 How to submit 08 Platforms 09 Payment 10 Rules 11 FAQ

01 What is OwlMind?

OwlMind is a professional bug bounty team. We find real security vulnerabilities in open-source software — WordPress plugins, AI/LLM frameworks, web applications — and submit them to bounty platforms for cash rewards.

This is real work with real money. Every accepted vulnerability report = a bounty payout. The better your findings, the more you earn.

02 What we look for

🔒
SQL Injection
Unsanitized DB queries
👤
IDOR
Access other users' data
🌐
SSRF
Server-side request forgery
🔓
Missing Auth
Unprotected endpoints
⚠️
RCE
Remote code execution
🛠️
XSS & More
Path traversal, ObjInj

03 How the system works

You (Claude Code + owlhunt)
  │
  ▼
Scan targetFind vulnerabilityVerify it's real
  │
  ▼
owlhunt add (register) → owlhunt submit (send to platform)
  │
  ▼
Platform reviews → Accepted → Bounty Paid → salary + KPI bonus

What you do

Open Claude Code and research targets. Find real vulnerabilities with code analysis. Register and submit findings via owlhunt.

What the system does

AI-powered scanning tools. Deduplicates against known CVEs. Submits to platforms via secure proxy. Tracks payouts.

04 Step-by-step onboarding

1

Apply

Fill out the form at bounty.muravey.app/bounty with your name, email, OS, and language.

2

Wait for approval

The team lead reviews your application. Check status at /bounty/status/yourname.

3

Download bundle

Once approved, a one-time download link appears on your status page. Download owlmind-yourname.tar.gz.

4

Run the installer

Extract and run the installer. It sets up everything automatically.

# macOS / Linux
tar xzf owlmind-yourname.tar.gz && bash install.sh

# Windows — extract, then run as Administrator:
install.bat
5

Installer does everything

Dependencies, scripts, 500+ detectors, Claude Code config, heartbeats, daily reports, team sync. You see 7/7 check at the end.

6

You are ACTIVE

Open Claude Code and start hunting. Your portal status changes to ACTIVE.

The download link works only once. If it fails, ask the team lead for a new one.

05 Your tools

Claude Code

AI assistant that reads code, searches files, traces data flows, and finds vulnerabilities. Already knows the OwlMind methodology.

# Start Claude Code
claude

# Ask it to audit a target:
> audit the WordPress plugin user-registration for IDOR vulnerabilities

# Claude clones the repo, finds AJAX handlers,
# traces data flows, and reports findings

owlhunt CLI

CommandWhat it does
owlhunt new URLStart new target session (clone + quick audit)
owlhunt listList all active sessions
owlhunt add SESS --file path --type idorRegister a confirmed finding
owlhunt submit SESSSubmit finding to bounty platform
owlhunt submit SESS --dry-runTest submission without sending
owlhunt scan-astRun AST scanner (500+ detectors)
owlhunt lab-upStart local WordPress test lab (Docker)
owlhunt deephunt OWNER/REPOFull pipeline: scope, clone, scan, triage, dedup, draft
owlhunt slop-check DRAFT.mdCheck report for AI-sounding language
owlhunt record SLUG --type idorRecord submission to team ledger
Always use --dry-run first. It runs dedup and quality checks without sending.

System requirements

RequirementDetails
OSmacOS (recommended), Windows 10+, or Linux
Node.js18+ (for Claude Code)
Python3.10+ (for scanning tools)
GitFor cloning target repos
RAM8 GB minimum
InternetStable (required for API calls and heartbeats)

06 Daily workflow

1

Check targets queue

Open Claude Code. Ask for available targets or run owlhunt new URL --wp for a WordPress plugin.

2

Research the target

Read the code. Look for AJAX handlers, REST endpoints, SQL queries, file operations. Trace data flows from user input to dangerous sinks.

3

Find & verify

Use Claude Code + owlhunt scan-ast. Set up a test lab (owlhunt lab-up). Write a PoC. Confirm it works.

4

Register & submit

Use owlhunt add to register, then owlhunt submit to send to the platform.

Quality over quantity. One real, verified, well-written report is worth more than 10 unverified ones.

07 How to submit findings

# 1. Register the finding
owlhunt add SESSION --file path:line --type sqli --severity high --title "..."
  → Pass 1 dedup (checks known CVEs)

# 2. Test submission (dry run)
owlhunt submit SESSION --dry-run
  → Pass 2 dedup (WPScan + NVD + OWVD) + slop check

# 3. Submit for real
owlhunt submit SESSION
  → Enhances report + sends to platform + records ID

Report quality checklist

☑ Vulnerability confirmed in the current version
☑ Minimum role stated exactly (Unauth / Subscriber / Author)
☑ Working PoC as a curl command anyone can run
☑ Data flow traced: file:linefile:line → sink
☑ CVSS score with justification
☑ Specific impact (not "may allow unauthorized access")
☑ No existing CVE (dedup check passed)
☑ Fix proposed with actual code patch
☑ Written in clear technical English — no AI-sounding language
Never use "This vulnerability allows attackers to potentially..." or "It is important to note that..." — write like a human researcher: direct, specific, real line numbers.

08 Platforms & payouts

Patchstack
WordPress plugins
$200–$1.5k
Huntr
AI / LLM / open-source
$100–$5k
HackerOne
Enterprise programs
$500–$25k
Bugcrowd
Enterprise programs
$500–$10k
Wordfence
WordPress vulns
$50–$1,066
YesWeHack
European programs
varies
Immunefi
Web3 / crypto
$1k–$50k+
MSRC
Microsoft (via H1)
$500–$15k
Some platforms use a secure proxy (no account needed). For HackerOne/Bugcrowd, you submit from your own account with a @muravey.app email. Details during onboarding.

09 Compensation

Fixed salary¥4,000 CNY/month (~$550) — guaranteed monthly payment
KPI bonusPerformance-based percentage calculated monthly based on findings, severity, acceptance rate
PayoutPayPal, bank transfer, or crypto — arranged individually
TimingSalary: monthly. Bonuses: after platform pays (7–30 days after acceptance)
TrackingEvery submission recorded with platform ID, amount, dual-signature
LLM costsPaid by the team. Default $3/day budget, configurable up to $50/day

Earning potential

Base salary
¥4,000
Good KPI
¥8,000
Great KPI
¥15,000
Top performer
¥25,000+

10 Rules

1
Never share tools, detectors, or methodology. All scripts and techniques are proprietary. Sharing = immediate termination.
2
All submissions go through the system. Register via owlhunt add and submit via owlhunt submit. No side-channel submissions.
3
Never fabricate findings. Every finding must be real and verified with a working PoC.
4
Quality over quantity. One well-written High beats 10 unverified Mediums.
5
Do not modify guard, watchdog, or detectors. Tampering triggers an alert and immediate revocation.
6
Keep heartbeats active during work hours. Machine must be on and connected when working.
7
NDA is permanent. Even after leaving, you may not disclose internal processes.

11 FAQ

How much can I earn per month?
Every researcher receives a fixed salary of ¥4,000 CNY/month (~$550 USD) plus KPI-based performance bonuses. Top performers with consistent High/Critical findings can earn ¥15,000–25,000+ per month.
Do I need security experience?
Basic understanding of web security (SQLi, XSS, IDOR) is helpful. Claude Code and the methodology will guide you, but you need to understand what you're looking for. Study OWASP Top 10 and real bug bounty writeups.
What if my finding is a duplicate?
The system runs automatic dedup against 5 databases before submission. If it's still a duplicate on the platform — no penalty. Duplicates are a normal part of bug bounty.
Can I use my own tools?
Yes — Burp Suite, sqlmap, nuclei, etc. But all submissions must go through owlhunt submit.
What if my finding is rejected (N/A)?
No penalty. But too many N/A reports lower platform reputation, so always verify thoroughly before submitting.
How do submissions work?
You submit from your own platform account (set up during onboarding with a @muravey.app email). The owlhunt submit command runs dedup and quality checks before you send. All submissions are tracked in the portal.
My download link expired. What do I do?
Contact the team lead. They'll generate a new approval with a fresh download link.

Ready to start?

Apply now. Get approved. Start finding bugs and earning money.

Apply to Join the Team