PwnLog: The Free Bug Bounty Note-Taking Tool Hunters Need

  • PwnLog is a free bug bounty note-taking tool that captures findings in under five seconds using a single hotkey.
  • The bug bounty note-taking tool auto-generates markdown journals and structured JSON timelines without any manual formatting.
  • PwnLog runs entirely offline — nothing is ever transmitted, and all data lives locally in a ~/.pwnlog/ directory.
  • Built with Python and CustomTkinter, PwnLog is MIT-licensed and available on GitHub for anyone to fork or extend.

The Note-Taking Problem Every Bug Hunter Knows

Bug bounty note-taking has always been the unglamorous half of security research. You can be a sharp-eyed hunter who spots an IDOR in minutes, but if you didn’t document it cleanly — with a timestamp, a reproducible path, and a screenshot — you’re left staring at a blank report days later, piecing together a vague memory of something that felt important. A developer going by toklas495 on Dev.to got tired of that loop. So they built PwnLog.

[Cover image: I Got Tired of Forgetting. So I Built PwnLog. (via dev.to)]

It’s a brutally simple premise: one keyboard shortcut — ALT + SHIFT + Z — triggers a small popup window. You type what you found. You hit Enter. You’re back in your browser or terminal in under five seconds. Everything else — the timestamp, the active window title, the category tag, the screenshot — is handled automatically in the background. No forms. No Notion templates. No Burp extensions demanding your attention at the worst possible moment. For anyone serious about bug bounty note-taking, that kind of zero-friction capture is genuinely rare.

Why Bug Bounty Note-Taking Tools Keep Failing Hunters

The security research community isn’t short on tooling. Burp Suite, Caido, Nuclei, Amass — the attack surface management and proxy space is crowded and well-funded. Documentation, though? That’s an afterthought for most platforms. Hunters are routinely pointed toward generic solutions: Notion databases, Obsidian vaults, custom spreadsheets, or just a chaotic folder of screenshots named by date. None of these were built for the specific rhythm of a hacking session, where context switching is the enemy and flow state is everything. The result is that bug bounty note-taking gets skipped entirely, or deferred until memory degrades.

That friction has real consequences. In bug bounty programs on platforms like HackerOne and Bugcrowd, report quality directly influences both acceptance rates and payouts. Vague, poorly evidenced reports get closed as duplicates or marked informative — even when the underlying vulnerability is genuine. A hunter who documents in real time has a structural advantage over one who reconstructs from memory. PwnLog is trying to close that gap.

What PwnLog Actually Does

The mechanics of this bug bounty note-taking tool are worth unpacking, because the design choices are deliberate. When you trigger the hotkey, PwnLog captures the active window title automatically — so if you’re in Firefox on a target’s admin panel, that context is embedded in the log entry without you typing a word. You select a category from a predefined list (cycling through with Tab): Recon, Auth, IDOR, XSS, SQLi, SSRF, LFI, Logic, Dead End, or Note. Then you type your observation in plain language and hit Enter.

[Image: pwnlog pop (via dev.to)]

From that single interaction, PwnLog writes two files simultaneously. The first is a journal.md — a human-readable markdown document that, according to the developer, leaves your report “half written” by the end of a session. Each entry looks something like this: a heading with the timestamp and category, a blockquote showing the active window, your note in plain text, and an embedded screenshot link. The second output is a timeline.json file — structured data with the same fields, machine-readable and grep-able. If you want to pipe your findings into another tool, build a custom report generator, or just search across a long engagement, the JSON is there waiting.
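To make the two outputs concrete, here is an added Python reconstruction of the entry layout described above; it is illustrative code written for this article, not PwnLog's own source. It writes a journal.md entry (timestamp/category heading, window blockquote, note, screenshot link) and the matching timeline.json record under the ~/.pwnlog/projects/<target>/ layout, and shows the kind of filtering the JSON makes possible. The exact heading format, the field names, and the `root`/`now` parameters are assumptions.

```python
import json
from datetime import datetime
from pathlib import Path

# Category list as given in the article (cycled with Tab in the real popup).
CATEGORIES = ("Recon", "Auth", "IDOR", "XSS", "SQLi", "SSRF", "LFI",
              "Logic", "Dead End", "Note")


def render_markdown(entry):
    """Render one journal.md entry: heading, window blockquote, note, screenshot link."""
    lines = [f"## {entry['timestamp']} [{entry['category']}]",
             f"> {entry['window']}",
             "",
             entry["note"]]
    if entry.get("screenshot"):
        lines.append(f"![screenshot]({entry['screenshot']})")
    return "\n".join(lines) + "\n\n"


def log_finding(target, category, note, window, screenshot=None, root=None, now=None):
    """Append one finding to journal.md and timeline.json for the given target.

    root defaults to ~/.pwnlog; `root` and `now` are assumed parameters so the
    function can be exercised against a temporary directory with a fixed clock.
    """
    if category not in CATEGORIES:
        raise ValueError(f"unknown category: {category}")
    project = Path(root or Path.home() / ".pwnlog") / "projects" / target
    project.mkdir(parents=True, exist_ok=True)
    ts = (now or datetime.now()).strftime("%Y-%m-%d %H:%M:%S")
    entry = {"timestamp": ts, "category": category, "window": window,
             "note": note, "screenshot": screenshot}
    with open(project / "journal.md", "a", encoding="utf-8") as f:
        f.write(render_markdown(entry))
    timeline = project / "timeline.json"
    entries = json.loads(timeline.read_text()) if timeline.exists() else []
    entries.append(entry)
    timeline.write_text(json.dumps(entries, indent=2))
    return entry


def search_timeline(target, category=None, keyword=None, root=None):
    """Filter a target's timeline.json by category and/or a keyword in the note."""
    timeline = Path(root or Path.home() / ".pwnlog") / "projects" / target / "timeline.json"
    if not timeline.exists():
        return []
    hits = json.loads(timeline.read_text())
    if category:
        hits = [e for e in hits if e["category"] == category]
    if keyword:
        hits = [e for e in hits if keyword.lower() in e["note"].lower()]
    return hits
```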

Screenshots are handled via Flameshot, the open-source annotation tool, which means you can mark up captures before they’re saved. On Linux, the integration is native. Mac support is there too, via Homebrew. Windows hunters are currently left out — the tool depends on xdotool for window title detection, which is Linux-specific — though that’s the kind of gap a motivated fork could address quickly given the MIT license.

The Philosophy: The Best Tool Is the One You Use

What’s interesting about PwnLog isn’t just what it does — it’s what it deliberately doesn’t do. There’s no cloud sync. No team collaboration feature. No dashboard. No AI-powered summary. All data lives in ~/.pwnlog/ on your local machine, organised by target, and nothing is ever transmitted anywhere. For security researchers working under responsible disclosure agreements or inside corporate bug bounty programs with strict data handling requirements, that’s not a minor point — it’s a core requirement. Good bug bounty note-taking practice demands exactly this kind of data discipline.

The developer is explicit about the design intent: “I wasn’t looking for a full documentation suite. I wasn’t looking for another Notion template or Burp extension. I just needed something that would get out of my way and capture what I found — exactly when I found it — without breaking my flow.” That philosophy — minimal surface area, single responsibility, zero friction — is increasingly rare in a tooling ecosystem that tends toward feature bloat.

There’s something almost countercultural about it. The dominant trend in security tooling right now is integration and automation: platforms that ingest scan results, correlate findings with CVE databases, generate draft reports, and push tickets to Jira. All useful things. But they assume a structured workflow that doesn’t always match how solo hunters actually operate. PwnLog assumes you’re in the middle of something, and the best it can do is stay out of your way.

Getting Started With PwnLog

The setup is minimal. Clone the repository from GitHub, install the Python dependencies via pip, add Flameshot and xdotool on Linux or Flameshot via Homebrew on Mac, run python main.py, and let it sit in the background. The hotkey listener runs passively; you won’t notice it until you need it. All findings are organised under ~/.pwnlog/projects/your-target/, keeping different engagements cleanly separated without any manual folder management. For hunters who want a lightweight bug bounty note-taking setup that requires no ongoing configuration, this is about as low-maintenance as it gets.

The tech stack — Python, CustomTkinter for the UI, pynput for the global hotkey listener — is deliberately lightweight. There are no heavy dependencies, no Electron wrapper eating RAM, no browser extension requiring permissions. It’s the kind of tool that starts in two seconds and stays out of your system tray.

A Small Tool With Real Signal

PwnLog won’t replace a properly structured methodology or a well-maintained knowledge base for long-term research. What it does is solve a specific, painful moment that every bug bounty hunter hits repeatedly: the gap between finding something interesting and actually capturing it before the context evaporates. That’s a narrow problem, but it’s a real one, and the tool’s design matches the problem’s shape almost exactly. Effective bug bounty note-taking has always required speed above all else, and PwnLog is built around that constraint.

The broader implication is worth sitting with. As bug bounty programs grow — HackerOne alone has paid out over $300 million to researchers — the quality bar for reports keeps rising. Platforms are more likely to triage quickly and reward well when reports arrive with clean timelines, reproducible steps, and solid evidence. Consistent bug bounty note-taking is a competitive advantage, not a housekeeping task. Tools like PwnLog, however lightweight, are part of how the researcher community professionalises itself without waiting for the platforms to build better tooling first. Whether it picks up a community of contributors and grows into something larger, or stays small and sharp and exactly what it is, that’s a genuinely useful starting point.

Source: https://dev.to/toklas495/i-got-tired-of-forgetting-so-i-built-pwnlog-ggp

Sara Ali Emad
I'm Sara Ali Emad. I have a strong interest in both science and the art of writing, and I find creative expression to be a meaningful way to explore new perspectives. Beyond academics, I enjoy reading and crafting pieces that reflect curiosity, thoughtfulness, and a genuine appreciation for learning.