ars0n-framework-v2-beta-0.0.7

Fix bug in HTTPx & Go Version compatibility.
Fix bug in update server that detaches HEAD from release version.

ars0n-framework-v2-beta-0.0.6

All HTTPx flags and features can now be configured/controlled.

ars0n-framework-v2-beta-0.0.5

Bug fixes and massive improvements to the ROI Report

Update scripts to support automatic updates regardless of previous version

ars0n-framework-v2-beta-0.0.4

This update has massive improvements to the Metadata scan, including the ability to cancel a scan that is taking too long 🤯. It's much more stable, shows progress, and the default settings take much less time to complete.

I've also done massive improvements on the URL workflow, including the launch of the brand new Ars0n Framework Browser Extension!!. This extension lets you manually crawl through your target url, capturing all requests and responses and feeding that data back to the framework. It's still a work in progress so go easy, but this is going to be a huge part of the final framework's workflow, and I have a TON of great ideas for other ways to use this extension 😁

ars0n-framework-v2-beta-0.0.3

By popular demand, I'm very excited to announce that this framework is now designed to be run on a VPS and can be accessed remotely!! 💻🌐☁️➡️🖥️

I am planning on doing monthly updates for this framework throughout 2026, starting with this as the January update. -rs0n

Summary of Improvements & Bug Fixes:

• New docker container w/ Nginx Reverse Proxy added to support remote access and VPS deployment
• Take Screenshots and Gather Metadata scans combined into a single scan with more stability and better performance
• Gather Metadata scan can be configured to scan single URLs or skip more time consuming processes (crawling, for example)
• Improvements to how Nuclei scans are configured and run to add stability, better logging, and improved UX/UI
• HTTPx scanning now includes a wide range of uncommon ports in addition to 80 and 443
• Fixed bug in Settings not actually being saved (broken in beta-0.0.2)
• Improved modals allow the user to easily populate Burpsuite with results or copy all results to clipboard

⚠️⚠️ REMEMBER THAT YOU WILL NOW ACCESS THE TOOL USING ONLY THE DOMAIN/IP, NOT THE PORT! ⚠️⚠️

❌ `http://localhost:3000`      ✅ `http://localhost`

The next update will prioritize an automated update system to ensure the transition between versions is much smoother and database migrations happen naturally, as well as an authentication/user system to support collaboration and provide security for users that choose to host their instance of the framework publicly on a VPS.

ars0n-framework-v2-beta-0.0.2

This is the first major update since the Beta launch @ DEFCON! This update includes a wide range of improvements to performance, data aggregation, and functionality:

• Massive performance improvements across the board for the front-end, making the tool much more stable when a large number of targets are identified
• Scope Targets can now be added automatically by uploading a Burpsuite Configuration File or CSV downloaded from HackerOne's program scope page
• Scope Targets can now be added using the HackerOne API. This can be done by searching for the program name, pulling a random program based on given criteria, or by simply browsing all public programs and choosing the one(s) to add
• New utility to facilitate STRIDE Threat Modeling as part of the new URL Workflow is fully implemented
• Sorting, filtering, and data enrichment added to Metadata results modal along with ability to add URL scope targets directly from the Metadata results or ROI report
• New Tools & Utilities section includes tools to solve bug bounty hunting problems that do not fit into the larger workflow
• All installation issues due to changes in packages over time have been resolved

ars0n-framework-v2-beta-0.0.1

Open Beta Launch! 🚀

ars0n-framework-v2-beta-0.0.0

This is a test version of the beta release.

final-demo-pre-alpha

Open Beta will launch during my talk @ DEFCON 33 Bug Bounty Village!!

This is the last demo version I'll be releasing before the Beta launch.
YouTube video walking through the new features is coming soon...

New Features:

• Wildcard Auto Scan
  • Choose which bug bounty tools you want to automate
  • Fully automates most popular bug bounty workflow
  • Easily to Pause and Resume scans when necessary
  • Clean UI shows real-time progress and results
• Company Workflow
  • First half of the Company Workflow has been completed
  • Start with a company name and discover Root Domains owned by that company
  • Conduct manual Google Dorking without changing tabs
  • Gather a wealth of metadata on discovered domains with one click
  • Easily filter/search domains by ASN Provider, SSL Certificate status, Title, and much more
  • Add qualified root domains as a Wildcard scope target to easily continue the methodology
• Settings
  • Configure granular Rate Limiting for each tool
  • Add custom header or user agent to adhere with bug bounty program rules
  • Add and easily manage API keys for various tools
  • Change back-end server port to 8443 (no more 8080)

I hope it helps!! 🍻🍻🍻

Pre-Alpha Demo

This release includes the pre-alpha demo shown in my YouTube video.