BB Header Manager

Add custom headers to identify your bug bounty traffic. Simple, open-source, no tracking.

BB Header Manager is a lightweight tool for security researchers and bug bounty hunters. THE PROBLEM Most bug bounty programs require hunters to identify their traffic with custom headers like X-Bug-Bounty: username. This helps security teams distinguish your legitimate testing from actual attacks. THE SOLUTION Add custom headers to your HTTP requests with a simple toggle. Target specific domains, filter by request method, and switch between programs instantly. NEW IN v2.0 - Profiles: Switch between bug bounty programs instantly - Domain targeting: Wildcard support (*.example.com) - Exclude list: Never inject on google.com, banks, etc. - Method filter: Only inject on GET, POST, PUT, etc. - Auto-disable timer: Safety shutoff from 30min to 8hrs - Request counter: Badge shows modified requests - Per-header toggle: Enable/disable without deleting - Import/export: Backup and share configs as JSON FEATURES - Add unlimited custom headers - One-click enable/disable toggle - Quick presets (X-Bug-Bounty, X-HackerOne, X-Bugcrowd) - Headers persist across browser restarts - Clean, dark-themed UI PRIVACY FIRST - Zero data collection - Zero analytics - Zero external network requests - Everything stored locally - Fully open source https://github.com/gkdataio/BB-Header-Manager Built by a bug bounty hunter, for bug bounty hunters. No affiliate links, no injected content, no ownership changes. Just a clean tool that does one thing well.