Bountyhunt.xyz launches to speed up Web3 bug hunting
BountyHunt.xyz today launched a live monitoring and alerting service for smart contract bug bounty hunters.
San Francisco, CA, June 17, 2026 — BountyHunt.xyz today launched a live monitoring and alerting service for smart contract bug bounty hunters. The product tracks the GitHub repositories for all bug bounty programs across seven platforms, and fires instant Telegram alerts the moment new in-scope code ships or new bounty programs go live or get updated. It is available now at $9 per month with a three-day free trial.
BountyHunt pulls every active program into a single live feed and streams new commits, pull requests, releases, and tags as they happen. Coverage spans Immunefi, Sherlock, Cantina, HackenProof, HackerOne, and AgentArena, plus self-hosted bounty programs. Hunters filter the feed by program, reward size, and programming language, then receive instant Telegram alerts when in-scope code changes.
The service also flags brand-new programs the day they launch, where competition is lowest. For researchers who automate, BountyHunt ships an MCP server that connects to Claude Code, Codex, or any MCP client, alongside webhooks and a REST API for building custom pipelines on the same feed.
In competitive bug bounty programs, speed decides payouts. Duplicate findings are not rewarded, so a valid report submitted hours after another researcher earns nothing. The window between a code push and the first valid report is where bounties are won, yet most hunters still poll repositories on a schedule or learn of new scope through word of mouth. By compressing the gap between a commit and a researcher's awareness of it, BountyHunt aims to put hunters on fresh in-scope code first. Bug bounties remain a primary last line of defense for live smart contracts, and the researchers who reach new code first are the ones who get paid.
"The bounty usually goes to whoever sees the new code first, not whoever is the better researcher," a BountyHunt spokesperson said. "Hunters lose valid findings to duplicates every week because they were checking a repo on a schedule while someone else got the alert in real time. BountyHunt closes that window. When in-scope code ships, the alert lands in your Telegram, and you are reviewing it while it is still fresh. Speed to new code is the part of this work that has been left to luck, and it does not have to be."
BountyHunt is live now, not a waitlist. Pricing is a single plan at $9 per month with everything included: the live dashboard, commit tracking, Telegram alerts, filters, MCP, webhooks, and API access, with no tiers, no per-seat fees, and no hidden costs. The three-day free trial requires no credit card, can be canceled anytime, and takes under a minute to set up.
Researchers can start at https://bountyhunt.xyz.
About BountyHunt
BountyHunt is a live monitoring and alerting service for smart contract bug bounty hunters and security researchers. It tracks the GitHub repositories behind bug bounty programs across Immunefi, Sherlock, Cantina, HackenProof, HackerOne, and AgentArena, plus self-hosted programs, and fires instant Telegram alerts the moment new in-scope code ships, new bounty programs launches or gets updated. The product offers a live dashboard, smart filters, an MCP server, webhooks, and a REST API on a single plan at $9 per month with a three-day free trial. Learn more at https://bountyhunt.xyz.
Media contact