BOTWAVE — Infrastructure
WAVESOX is the proxy infrastructure BOTWAVE built for its own bounty hunting operations — then opened to external operators. Every proxy earns an immutable test receipt before entering rotation: latency, external IP, anonymity class, use-case score. No proxy ships untested. Inquiry-based pricing. Enterprise egress, pentester-grade validation.
── By the numbers
── What it does
Built from the ground up for recon work where a burned IP costs a finding. Every component answers four questions: how does it write to substrate, how does it learn, how does it extend without code changes, how does it feed the other arms.
Validation
Receipt-First Testing
Every proxy runs connectivity, anonymity, and use-case scoring before it enters the export pool. Receipts are immutable JSONL — timestamped, versioned, auditable.
Access Control
IAM-Style Zones
Each zone gets an API key and a filtered proxy set. A bounty hunter gets a different pool than an e-commerce scraper. Zones are created via POST — no code change required.
Pool Management
Continuous Validation Loop
The scraper, validator, and exporter run on independent timers. A proxy that passes at 06:00 may fail by 14:00 — the sweep catches it before it gets used on a live target.
Observability
Real-Time Stats API
FastAPI server on :8081. Pool health, live/dead counts, zone breakdowns, WebSocket stream of validation logs. Know the state of the pool before you run a hunt.
# Pool health — what's live right now curl http://localhost:8081/stats | jq . # Get proxies filtered by use case and minimum health score curl "http://localhost:8081/proxies?protocol=socks5&use_case=bounty_hunt&min_health_score=0.85" # Export production-ready pool curl "http://localhost:8081/export?format=json&use_case=bounty_hunt" > proxies.json # Create a zone with its own API key and filtered pool curl -X POST http://localhost:8081/zones \ -H "Content-Type: application/json" \ -d '{"name":"recon_ops","use_case":"bounty_hunt","min_health_score":0.85}' # Real-time validation stream wscat -c ws://localhost:8081/ws/logs
── Who it's for
Bug bounty hunters
Recon without residential exposure
Subfinder, httpx, nuclei routed through a validated SOCKS5 pool. The pool that powers BOTWAVE's own hunts.
Pentesters
Clean egress per engagement
IAM zones let you isolate each client engagement to a dedicated proxy set. No cross-contamination. Every request logged to your own substrate partition.
OSINT operators
Research that doesn't fingerprint back
Residential rotation means your research pass looks like organic traffic, not a datacenter sweep. Elite-classified proxies only for sensitive collection.
Enterprises
Managed egress for high-volume scraping
90K+ pool with geographic distribution across US residential, EU datacenter, and APAC mobile. Rate limits and geo filters configurable per zone.
Red teams
Infrastructure that matches the threat model
Proxies scored per use-case — the same pool record that shows a proxy is clean for scraping also shows whether it passes TLS fingerprint scrutiny for stealth work.
Not for
Out-of-scope targets
WAVESOX access requires acknowledgment of the acceptable use policy. Traffic through the pool is logged per zone. Abuse triggers immediate zone suspension.
Inquiry-based access.
Pricing is not self-serve yet. Send the email below with your use case — bounty hunting, pentesting, OSINT, or enterprise egress. Include target volume if you know it. Response within 48 hours.