Offensive security, built from the root up

Security tools for serious operators

Gotroot Labs builds professional-grade reconnaissance and web security tooling for bug bounty hunters, pentesters, and security teams who need speed without the noise.

Explore SpyHunt contact@gotrootlabs.com

40+

Security modules

Chain

Workflow automation

Pro

Built for real engagements

Flagship product

SpyHunt by Gotroot Labs

A unified recon and web security toolkit — from subdomain discovery to vulnerability scanning, all in one operator-focused interface.

spyhunt / pro

Recon to exploit, one workflow

SpyHunt PRO combines OSINT, active scanning, and chain-based workflows so you spend less time switching tools and more time finding real issues.

Subdomain enumeration, DNS, and asset discovery
HTTP probing, directory brute-force, and endpoint mapping
XSS, SQLi, CRLF, request smuggling, and more
WordPress audits, JWT analysis, and cloud misconfig checks
Chain workflow — pipe results between modules automatically
Built-in browser panel for live target inspection

Request early access GitHub

$ spyhunt --chain quick target.com [subfinder] 847 subdomains found [httprobe] 312 live hosts [dirbrute] /admin/ → 403 (baseline matched) [xss] reflected param on /search?q= [wordpress] WP 6.4.2 · 3 plugins · 2 users [reqsmuggle] CL.TE not vulnerable [chain] → 14 findings exported Done in 4m 22s · 48 threads

Capabilities

Everything you need on one target

Modular scanners designed for accuracy — fewer false positives, smarter baselines, and workflows that match how operators actually work.

◎

Asset discovery

Subdomains, DNS records, certificate transparency, and live host detection across large scopes.

⬡

Web recon

HTTP probing, technology fingerprinting, JS endpoint extraction, and directory enumeration.

⚡

Vulnerability scanning

XSS, SQL injection, CRLF, open redirects, CORS, SSRF, and request smuggling probes.

⎔

CMS & APIs

WordPress audits with CVE lookup, JWT analysis, GraphQL introspection, and API mapping.

⇄

Chain workflow

Pipe output from one module to the next — recon flows into probing, then into vuln scans.

☁

Cloud & infra

AWS and Azure misconfiguration checks, S3 bucket discovery, and favicon-based tech ID.

About

Built by operators, for operators

Gotroot Labs is an offensive security software company focused on building tools that respect your time. We ship software shaped by real bug bounty and penetration testing workflows — not checkbox scanners that flood you with noise.

Our flagship product, SpyHunt, started as a personal recon toolkit and evolved into a full platform with dozens of integrated modules, chain automation, and a professional GUI built for long engagement sessions.

SpyHunt Community will remain free and open source. SpyHunt Pro adds advanced modules, higher limits, chain workflows, and priority updates for professionals who rely on these tools every day.

Signal over noise

Smart baselines and context-aware detection to cut false positives.

Speed at scale

Multi-threaded scanning with rate limiting that respects target stability.

Responsible tooling

Built for authorized security testing. Use only on systems you own or have permission to test.

Contact

Let's talk

Interested in SpyHunt Pro early access, partnerships, or security research? We'd love to hear from you.

contact@gotrootlabs.com
Request early access