BB Header Manager

Overview

Add custom headers to identify your bug bounty traffic. Simple, open-source, no tracking.

BB Header Manager is a lightweight tool for security researchers and bug bounty hunters. THE PROBLEM Most bug bounty programs require hunters to identify their traffic with custom headers like X-Bug-Bounty: username. This helps security teams distinguish your legitimate testing from actual attacks. THE SOLUTION Add custom headers to your HTTP requests with a simple toggle. Target specific domains, filter by request method, and switch between programs instantly. NEW IN v2.0 - Profiles: Switch between bug bounty programs instantly - Domain targeting: Wildcard support (*.example.com) - Exclude list: Never inject on google.com, banks, etc. - Method filter: Only inject on GET, POST, PUT, etc. - Auto-disable timer: Safety shutoff from 30min to 8hrs - Request counter: Badge shows modified requests - Per-header toggle: Enable/disable without deleting - Import/export: Backup and share configs as JSON FEATURES - Add unlimited custom headers - One-click enable/disable toggle - Quick presets (X-Bug-Bounty, X-HackerOne, X-Bugcrowd) - Headers persist across browser restarts - Clean, dark-themed UI PRIVACY FIRST - Zero data collection - Zero analytics - Zero external network requests - Everything stored locally - Fully open source https://github.com/gkdataio/BB-Header-Manager Built by a bug bounty hunter, for bug bounty hunters. No affiliate links, no injected content, no ownership changes. Just a clean tool that does one thing well.

0 out of 5
No ratings
Learn more about results and reviews.

Details

Version
2.0.0
Updated
February 3, 2026
Flag concern
Offered by
GK Data
Size
13.55KiB
Languages
English
Developer
Email
garrett@gkdata.io
Non-trader
This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

Manage extensions and learn how they're being used in your organization

The developer has disclosed that it will not collect or use your data.

This developer declares that your data is

Not being sold to third parties, outside of the approved use cases
Not being used or transferred for purposes that are unrelated to the item's core functionality
Not being used or transferred to determine creditworthiness or for lending purposes

Support

For help with questions, suggestions, or problems, visit the developer's support site

Pentest Assistant

5.0

Checklist dan Mindmap untuk membantu pentester dan bug hunter.

APIsec BOLT

5.0

Discover APIs from browser traffic and auto-generate OpenAPI specs.

HTTP Header Modifier

5.0

Modify HTTP request headers for specific URLs

BrowserStack Bug Capture: Report & resolve bugs faster

4.8

Bug reporting tool with shareable screen recordings & screenshots for faster debugging.

rep+

5.0

rep+ - Capture, modify, and replay HTTP requests in Chrome DevTools with AI-powered security analysis.

Apex Debugger

4.2

Debug Salesforce apex code with ease

Network Pentesting Toolkit - VAPT

0.0

Cybersecurity extension for VAPT, pentesting, and security testing. Includes port exploits, cheatsheets & tools.

BugHerd: Visual Feedback & Bug Tracking Tool

4.3

BugHerd is a visual feedback and bug tracking tool for websites

Open Headers

0.0

Manage HTTP headers with static and dynamic sources and content auto-refresh. Dynamic sources: requests, env vars, files.

CyberGuard: HTTP Security Header & Vulnerability Scanner

0.0

Scan HTTP security headers, identify missing protections like CSP, HSTS, and XSS prevention.

Subdomain Finder - Find Hidden Subdomains

5.0

The best Subdomain Finder tool for bug bounty hunters and security researchers. Find hidden subdomains quickly and easily.

Network Ninja

5.0

Enhanced network request inspection with secure curl generation for Chrome DevTools