AXIONARK - Bug Bounty Journey Tracker šÆ
A gamified progress tracker designed specifically for bug bounty hunters. AXIONARK helps you master bug hunting skills, track your findings, monitor earnings, and document your journey with military-grade encryption.
š Overview
AXIONARK is your personal companion for bug bounty hunting. Track your progress from beginner to legendary status with a structured roadmap focused on real bug bounty skills and achievements.
Key Features
- šÆ Bug Bounty Roadmap - 135+ tasks across 5 phases specifically for bug hunters
- š XP & Level System - Earn experience points and level up as you complete objectives
- š Encrypted Journal - Document findings with AES-256-GCM client-side encryption
- š Bug Tracker - Log vulnerabilities, track bounties, and monitor success rates
- š° Earnings Dashboard - Track your bug bounty income and milestones
- š Achievement System - Unlock badges for major accomplishments
- šØ Modern UI - Cyberpunk-inspired design with dark/light themes
- š Zero-Knowledge Architecture - Your data is encrypted before leaving your device
š”ļø Security & Privacy
- Client-side AES-256-GCM encryption - Your sensitive data is encrypted in your browser
- Zero-knowledge architecture - We can't read your journal entries or bug details
- Firebase Authentication with secure session management
- Rate limiting and input sanitization
- Strict CSP headers for XSS protection
- No tracking - Your journey is yours alone
š ļø Tech Stack
- Frontend: SvelteKit 2.0, TypeScript
- Styling: Tailwind CSS 3.0
- Backend: Firebase (Auth & Firestore)
- Security: Web Crypto API, DOMPurify
- Analytics: Privacy-respecting Vercel Analytics
- Icons: Heroicons & Custom SVGs
š Prerequisites
- Node.js 18+
- Firebase account (free tier works)
- npm or yarn
š¦ Quick Start
1. Clone the Repository
git clone https://github.com/Duardz/axionark.git
cd axionark
npm install
2. Firebase Setup
- Create a project at Firebase Console
- Enable Authentication (Email/Password provider)
- Create Firestore Database in production mode
- Get your config from Project Settings > General
3. Environment Configuration
Create .env
file:
cp .env.example .env
Add your Firebase config:
VITE_FIREBASE_API_KEY=your_api_key
VITE_FIREBASE_AUTH_DOMAIN=your_auth_domain
VITE_FIREBASE_PROJECT_ID=your_project_id
VITE_FIREBASE_STORAGE_BUCKET=your_storage_bucket
VITE_FIREBASE_MESSAGING_SENDER_ID=your_sender_id
VITE_FIREBASE_APP_ID=your_app_id
4. Firestore Security Rules
Replace default rules with these:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
// Users can only read/write their own data
match /users/{userId} {
allow read, write: if request.auth != null && request.auth.uid == userId;
}
match /journal/{entryId} {
allow read, write: if request.auth != null &&
request.auth.uid == resource.data.uid;
allow create: if request.auth != null &&
request.auth.uid == request.resource.data.uid;
}
match /bugs/{bugId} {
allow read, write: if request.auth != null &&
request.auth.uid == resource.data.uid;
allow create: if request.auth != null &&
request.auth.uid == request.resource.data.uid;
}
match /usernames/{username} {
allow read: if true;
allow create: if request.auth != null;
allow update, delete: if request.auth != null &&
request.auth.uid == resource.data.uid;
}
}
}
5. Run Development Server
npm run dev
Visit http://localhost:5173
šÆ Bug Bounty Learning Path
AXIONARK features a comprehensive bug bounty roadmap:
š± Phase 1: Foundations (Months 1-4)
- Web technology fundamentals
- Essential tools setup (Burp Suite, recon tools)
- Basic vulnerabilities (XSS, SQLi, IDOR)
- First bug submission
š Phase 2: Advanced Hunting (Months 5-12)
- Complex vulnerabilities (SSRF, XXE, Deserialization)
- API and mobile testing
- Automation and scaling
- First $10,000 milestone
š Phase 3: Expert Hunter (Months 13-24)
- Vulnerability chaining techniques
- Cloud platform security
- Specialized targets
- $100,000+ earnings goal
š„ Phase 4: Elite Researcher (Year 3+)
- Zero-day research
- Industry leadership
- Mentorship and education
- $1M+ lifetime earnings
š Phase 5: Legendary Status (Lifetime)
- Global security impact
- Legacy building
- Ultimate mastery
š® How It Works
- Create Account - Sign up with email and choose your hacker alias
- Track Progress - Complete tasks from the roadmap to earn XP
- Log Bugs - Record your findings with severity, bounty, and details
- Journal Journey - Write encrypted notes about your experiences
- Monitor Stats - Watch your level, earnings, and achievements grow
- Share Success - Export non-sensitive stats to share your progress
š Features in Detail
Task Management
- 135+ bug bounty specific tasks
- XP rewards for completion
- Progress tracking per category
- Suggested learning order
Bug Tracking
- Log vulnerability details
- Track bounty amounts
- Monitor acceptance rates
- Categorize by severity
- Platform statistics
Encrypted Journal
- Client-side encryption
- Mood tracking
- Tag system
- Search functionality
- Export capabilities
Progress Dashboard
- Real-time XP tracking
- Level progression
- Earnings overview
- Activity timeline
- Achievement showcase
š Deployment
Vercel (Recommended)
- Fork this repository
- Import to Vercel
- Add environment variables
- Deploy!
Self-Hosting
npm run build
npm run preview
Deploy the build
folder to any static host.
š Project Structure
src/
āāā routes/ # SvelteKit pages
ā āāā +page.svelte # Landing/Auth
ā āāā dashboard/ # Main dashboard
ā āāā roadmap/ # Bug bounty roadmap
ā āāā tasks/ # Task tracker
ā āāā journal/ # Encrypted journal
ā āāā bugs/ # Bug reports
ā āāā profile/ # User settings
āāā lib/
ā āāā components/ # Reusable UI
ā āāā stores/ # State management
ā āāā data/ # Roadmap data
ā āāā utils/ # Helpers
ā ā āāā encryption.ts
ā ā āāā security.ts
ā āāā firebase.ts
āāā app.css # Global styles
š¤ Contributing
We love contributions! Here's how:
- Fork the repository
- Create feature branch (
git checkout -b feature/awesome-feature
)
- Commit changes (
git commit -m 'Add awesome feature'
)
- Push branch (
git push origin feature/awesome-feature
)
- Open Pull Request
Development Guidelines
- Follow existing code style
- Add tests for new features
- Update documentation
- Keep accessibility in mind
- Respect user privacy
š Bug Reports
Found a bug? Please open an issue with:
- Clear description
- Steps to reproduce
- Expected behavior
- Screenshots (if applicable)
š License
This project is licensed under the GNU Affero General Public License v3 (AGPLv3).
This means:
- ā
Use for any purpose
- ā
Modify and distribute
- ā
Patent protection
- ā ļø Must open-source modifications
- ā ļø Must disclose source
- ā ļø Must use same license
See LICENSE for details.
š Acknowledgments
š Support
š® Roadmap
ā” AXIONARK - Track your journey from script kiddie to legendary bug hunter.
Not affiliated with any bug bounty platform. This is a personal progress tracker.