Open Sesame : A Python Tool To Display Random Publicly Disclosed Hackerone

Open Sesame Contains hackerone disclosed reports and other bug bounty writeups. A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser.

Contains Over 8k Publicly disclosed Hackerone reports and addtl. wordlist of ~700 bug bounty writeups.

This is a productivity tool for security enthusiasts and bug bounty hunters. I have written a blog here giving my idea of how to use this efficiently.

Additional features include:

  • Opening URL from custom wordlist which has bug bounty writeups.
  • Fetching and Updating the newly disclosed Hackerone publicly disclosed reports.

Also Read – CatchYou : FUD Win32 Msfvenom Payload Generator

Usage

Pl install components in rquirements.txt

python3 default.py Opens a random magic URL from the collection of publicly disclosed h1 reports.

python3 default.py --custom Opens a random magic URL from the collection of custom wordlist having bug bounty writeups.

python3 default.py --refresh Refreshes and adds newly publicly disclosed h1 reports to your file(final.txt)

Known Issues

  • The ability of not able to distinguish between completely publicly disclosed reports and reports with limited disclosures.
  • The tool may break in the way of how it works if it gets run after a long time. The default range specified is scraping 10 pages to reduce load on the site. If you believe you are running it after a long time, consider increasing the range upto 50 in main for loop in refresh.py before
  • running. This will enable collecting all the reports till the recent report extracted in the final.txt .
R K

Recent Posts

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

14 hours ago

MODeflattener – Miasm’s OLLVM Deflattener

MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…

14 hours ago

My Awesome List : Tools And Their Functions

"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…

14 hours ago

Chrome Browser Exploitation, Part 3 : Analyzing And Exploiting CVE-2018-17463

CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…

14 hours ago

Chrome Browser Exploitation, Part 1 : Introduction To V8 And JavaScript Internals

The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…

15 hours ago

Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463

The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…

18 hours ago