85%
do not run continuous monitoring.
The active hunter segment has not adopted any existing platform. Greenfield, not self-host churn.
Hunter-native continuous ASM
ASMHunter watches your bug bounty scope, catches asset drift, and tells you which scan surfaced the asset that earned the bounty — and you can drive all of it from Claude or Cursor over MCP.
Free tier. No credit card. Built by a hunter, for hunters.
The gap
Attack surface monitoring (ASM) means continuously tracking every internet-facing asset in your bounty scope — subdomains, ports, endpoints — and catching the moment it changes. ASMHunter runs that monitoring for you and attributes every finding back to the scan that surfaced it.
Three reasons hunters miss money on programs they are already in.
85%
The active hunter segment has not adopted any existing platform. Greenfield, not self-host churn.
~12/wk
Bounty scopes ship constantly. A weekly sweep is the floor — serious assets move every day.
$0
If you cannot say which scan, which asset, and which day surfaced the bounty, the tool that earned it is the tool you cancel.
Figures based on ASMHunter platform monitoring data and founder market research.
No VPS, cron, or queue babysitting.
Continuous diff feed for assets, ports, endpoints, and findings.
Every finding carries scan, asset, and date metadata.
The workflow
ASMHunter is built around the pains that cause missed bounties: asset gap, first-to-file pressure, tool sprawl, and the inability to prove which paid tool actually earned anything.
New subdomains, ports, HTTP fingerprints, URLs, and findings land in one chronological feed.
Scheduled sweeps run without self-host stacks, workers, cron jobs, or manual dedupe scripts.
Targets are tied to bounty scope so the system is shaped around authorized hunting.
Use the API as a substrate for Caido, custom scripts, or AI agents. ASMHunter does not replace your methodology.
AI & MCP
ASMHunter ships a Model Context Protocol server, so you can drive recon, hunt sessions, and reports straight from Claude, Cursor, or any MCP client — in plain language, without leaving your editor.
“Start a hunt session on Shopify with the goal ‘find IDOR in billing’, pull my newest assets, then draft the report.” — done from your AI client.
Drop one config block into your MCP client. Your whole ASMHunter workspace becomes a toolset your AI can call.
Ask for new assets, start goal-driven sessions, log leads and findings, and draft reports without leaving the chat.
Set a goal when you start a session; your AI reads it on every step and keeps the hunt focused on what pays.
Attribution loop
Each finding is stamped with the scan run, asset, timestamp, and source. When a report pays, you can connect the bounty back to the exact monitoring event.
Pricing
Pick the sweep frequency and target count that match how often you hunt.
$0
Weekly sweeps / 3 targets
$49/mo
Daily sweeps / 10 targets
$99/mo
6h sweeps / 25 targets
$199/mo
Hourly sweeps / unlimited targets
FAQ
Attack surface monitoring (ASM) is the practice of continuously discovering and tracking every internet-facing asset tied to a target — subdomains, IPs, ports, HTTP services, and endpoints — and detecting when that surface changes. A one-off scan is a snapshot; continuous ASM re-runs discovery on a schedule and surfaces only the diff: what is new, what moved, what disappeared. For bug bounty hunters this matters because scopes ship new assets constantly, and the person who sees a new subdomain first has the best shot at the bounty. ASMHunter runs this monitoring for you and delivers the changes as an alert feed instead of raw scan output.
Most ASM platforms tell you that your attack surface changed. ASMHunter also tells you which change earned money. Every finding is stamped with the scan run, the asset, the timestamp, and the source that surfaced it, so when a report pays out you can trace the bounty back to the exact monitoring event that found the asset. This is the attribution loop, and it answers the only question that matters at renewal: what did this tool actually earn? ASMHunter is also built specifically for solo hunters rather than enterprise security teams — pricing, scope handling, and alerting are all shaped around one person hunting public and private bug bounty programs.
No. ASMHunter runs scheduled sweeps on managed infrastructure, so there is no VPS to rent, no cron jobs to maintain, no scan queue to babysit, and no dedupe scripts to write. You add a target that matches your bounty scope, pick a sweep cadence, and the platform handles discovery, detection, diffing, and alerting. This is the main difference from self-hosted recon stacks like a personal server running subfinder and nuclei on cron: those break silently, drift out of date, and demand ongoing maintenance. ASMHunter exists so you spend your time hunting the findings rather than keeping the pipeline alive. See the full ASMHunter vs self-hosted recon comparison for an honest side-by-side.
Yes — that is exactly what it is built for. Targets are tied to bounty scope so the system is shaped around authorized hunting. You may only configure scan targets that you own, that you are explicitly authorized to test, or that are listed in a public bug bounty program with in-scope assets that match. By adding a target you confirm you have legal authority to run automated security testing against it. ASMHunter monitors both public and private program scope, which is where continuous coverage pays off most: private invites and freshly added assets are where first-to-file advantage is largest.
The free tier gives you weekly sweeps across 3 targets with the full continuous monitoring stack: the diff feed, change detection, and Telegram and email alerts. No credit card is required to start. Paid tiers increase both sweep frequency and target count — Hunter is $49/month for daily sweeps and 10 targets, Pro is $99/month for 6-hour sweeps and 25 targets, and Legend is $199/month for hourly sweeps and unlimited targets. Annual billing is priced at ten months (for example Hunter is $490/year). You can upgrade at any time as your scope grows, and downgrade or cancel from account settings.
ASMHunter ships a Model Context Protocol (MCP) server, so you can drive recon, hunt sessions, and reports directly from Claude, Cursor, or any MCP client in plain language. You drop one config block into your MCP client and your entire ASMHunter workspace becomes a toolset the AI can call: pull your newest assets, start a goal-driven hunt session, log leads and findings, and draft a report without leaving the chat. The MCP server is published on PyPI as the asmhunter-mcp package. Because sessions are goal-driven, the AI reads your stated objective on every step and keeps the hunt focused on what actually pays.
Your account and scan data live in a Postgres database hosted by Supabase in the Frankfurt (EU) region, encrypted at rest with TLS in transit. Scan artifacts and raw tool output are stored in Backblaze B2 (US region), and sweeps run on a Hetzner worker fleet in the EU that retains no scan output after upload. ASMHunter runs no third-party analytics, advertising, or session-replay tools — no Google Analytics, no Mixpanel, no tracking pixels — and does not sell your data or train any AI model on your scan results. You can export or delete your account data at any time; hard deletion runs seven days after the request. See our privacy policy for the full subprocessor list.
ASMHunter offers a 7-day, no-questions refund on paid plans. You can cancel or change your plan at any time from account settings; billing is handled by LemonSqueezy as the merchant of record, so card details never touch ASMHunter's own systems. When you cancel, your account data is retained for a 7-day grace period in case you change your mind, then hard-deleted. Because the free tier costs nothing and requires no credit card, the lowest-risk way to evaluate the product is to run it against your real scope on the free plan first and upgrade only once you have seen it surface changes you care about.
Get started
Free tier, no credit card. Start monitoring your scope in minutes.
Start freeUpgrade anytime as your scope grows. How we handle data