Open Sesame : A Python Tool To Display Random Publicly Disclosed Hackerone

Open Sesame Contains hackerone disclosed reports and other bug bounty writeups. A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser.

Contains Over 8k Publicly disclosed Hackerone reports and addtl. wordlist of ~700 bug bounty writeups.

This is a productivity tool for security enthusiasts and bug bounty hunters. I have written a blog here giving my idea of how to use this efficiently.

Additional features include:

  • Opening URL from custom wordlist which has bug bounty writeups.
  • Fetching and Updating the newly disclosed Hackerone publicly disclosed reports.

Also Read – CatchYou : FUD Win32 Msfvenom Payload Generator

Usage

Pl install components in rquirements.txt

python3 default.py Opens a random magic URL from the collection of publicly disclosed h1 reports.

python3 default.py --custom Opens a random magic URL from the collection of custom wordlist having bug bounty writeups.

python3 default.py --refresh Refreshes and adds newly publicly disclosed h1 reports to your file(final.txt)

Known Issues

  • The ability of not able to distinguish between completely publicly disclosed reports and reports with limited disclosures.
  • The tool may break in the way of how it works if it gets run after a long time. The default range specified is scraping 10 pages to reduce load on the site. If you believe you are running it after a long time, consider increasing the range upto 50 in main for loop in refresh.py before
  • running. This will enable collecting all the reports till the recent report extracted in the final.txt .
R K

Recent Posts

Bomber : Navigating Security Vulnerabilities In SBOMs

bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…

3 hours ago

EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In PNG Files

Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…

3 hours ago

Exploit Street – Navigating The New Terrain Of Windows LPEs

Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…

2 days ago

ShadowDumper – Advanced Techniques For LSASS Memory Extraction

Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…

3 days ago

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

2 weeks ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

3 weeks ago