TrinetLayer

Bug bounty recon companion: manage program scope and surface recon data for the active page. Includes payload library and utilities.

TrinetLayer is the modern reconnaissance cockpit for bug bounty hunters and security researchers. It replaces a chaotic stack of cheat sheets, sticky notes, online decoders, and scope checkers with one beautifully designed Chrome extension that lives quietly in your toolbar — and springs to life the moment you load a target. Curated payloads, scope-aware indicators, instant page intel, per-domain notes, and trusted utilities. All in one click. All fully local. Built by hunters. Refined for professionals. Free to install. Your entire recon workflow. One toolbar. Zero noise. KEY BENEFITS Save hours every engagement by replacing five tools with one polished extension Stay safely inside authorized scope thanks to a live, color-coded toolbar indicator Move from "new target" to "first finding" faster with one-click page intelligence Keep every note, payload, and scope rule perfectly organized — automatically Decode and inspect sensitive tokens locally, never on a third-party website Enjoy a SaaS-grade interface that looks and feels as good as the work you ship SMART FEATURES SCOPE MANAGER — Define your program's in-scope domains with full wildcard support (like *.example.com). The toolbar icon turns green on in-scope pages and gray on out-of-scope pages, giving you a constant, glanceable safety signal. Test any URL instantly against your saved scope. PAYLOAD LIBRARY — A curated, battle-tested arsenal of XSS, SQLi, SSRF, XXE, and IDOR payloads, organized by category and tag. Search, filter, and copy with a single click. Add your own custom payloads, tags, and descriptions to build a personal library that grows with your skills. PAGE INFO SCANNER — Run an on-demand DOM scan of the active tab to instantly see counts of forms, inputs, links, scripts, iframes, HTML comments, and password fields. Surfaces form actions, potential IDOR-pattern links, hidden comments, and external script sources. Plus a complete view of response security headers (CSP, HSTS, X-Frame-Options, Permissions-Policy, and more) — your full attack surface in seconds. RECON NOTES — Per-domain notes that auto-organize as you browse. Quick-save snapshots, review your history, and export to clean Markdown for instant reporting. Your engagement notebook, perfectly structured, always with you. BUILT-IN UTILITIES — Base64 encode and decode, URL encode and decode, and a clean JWT inspector (header, payload, and signature) right inside the extension. No more pasting sensitive tokens into untrusted online decoders. PREMIUM LIGHT AND DARK UI — A polished interface with full light and dark themes. Fast, focused, and pleasant to use — even at 2 AM during a long hunting session. HOW IT WORKS Install TrinetLayer and pin it to your Chrome toolbar. Open the Scope tab and paste the in-scope domains for your bug bounty program. Wildcards like *.example.com are fully supported. Browse normally. The toolbar icon turns green when you are on an in-scope page and gray when you are not — so you always know exactly where you stand. Need a payload? Open the Payloads tab, search, filter, and copy. Need page intel? Hit "Scan Current Page." Need to decode a JWT? Open Utilities. Need to capture a finding? Drop it into the Notes tab — it auto-files by domain. When the engagement is over, export your notes to Markdown for instant, clean reporting. That is the entire workflow. No accounts. No setup screens. No friction. REAL-WORLD USE CASES Bug bounty hunting — Stay inside scope, fire payloads faster, and document findings as you go. Penetration testing engagements — Keep separate notes per client domain and export polished Markdown reports. AppSec triage — Scan a suspect page in seconds to see forms, scripts, IDOR patterns, and missing security headers. CTF competitions — Carry your payload arsenal, decoder, and notebook in one keystroke-fast popup. Web development security reviews — Inspect your own site's attack surface and validate your security headers in seconds. Security learning and research — A clean, organized environment to study payloads, take notes, and practice safely. WHY IT IS DIFFERENT Most "hacker tools" are either bloated browser suites that slow you down or scattered single-purpose utilities that never quite fit your workflow. TrinetLayer is engineered around a different philosophy. All-in-one — scope, payloads, notes, page intel, and utilities in one popup, not five Scope-aware by design — the only recon extension with a live, glanceable in-scope indicator 100% local — no accounts, no cloud sync, no telemetry, no tracking, ever Lightweight Manifest V3 build with minimal permissions and zero bloat Premium SaaS-grade UI that respects your eyes, your time, and your taste Fully extensible — every payload, note, and scope rule is yours to customize WHO SHOULD USE IT Bug Bounty Hunters who want a faster, cleaner field workflow Penetration Testers running multiple client engagements at once AppSec Engineers triaging pages and headers on the fly Red Teamers who need a portable companion for authorized assessments Security Students and CTF Players learning the craft and building habits Web Developers who want a safer JWT decoder and a clearer view of their own attack surface PRIVACY FIRST, ALWAYS TrinetLayer is fully local. No user accounts. No cloud servers. No analytics. No third-party tracking. Every payload, note, and scope entry lives only in your browser. Your recon stays your recon. IMPORTANT — AUTHORIZED USE ONLY TrinetLayer is intended exclusively for authorized security testing. Only use it on programs, applications, and assets you have explicit permission to assess. Always follow the rules of engagement of any bug bounty program you participate in. Misuse of this tool is strictly the responsibility of the user. PROFESSIONAL CTA Stop tab-hopping. Stop second-guessing your scope. Stop pasting tokens into random websites. Install TrinetLayer today and turn every browser tab into a recon-ready workspace — curated payloads, instant page intel, scope safety, beautiful notes, and trusted utilities, all one click away. Click Add to Chrome and start hunting smarter.