Open Sesame : A Python Tool To Display Random Publicly Disclosed Hackerone

Open Sesame Contains hackerone disclosed reports and other bug bounty writeups. A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser.

Contains Over 8k Publicly disclosed Hackerone reports and addtl. wordlist of ~700 bug bounty writeups.

This is a productivity tool for security enthusiasts and bug bounty hunters. I have written a blog here giving my idea of how to use this efficiently.

Additional features include:

• Opening URL from custom wordlist which has bug bounty writeups.
• Fetching and Updating the newly disclosed Hackerone publicly disclosed reports.

Also Read – CatchYou : FUD Win32 Msfvenom Payload Generator

Usage

Pl install components in rquirements.txt

python3 default.py Opens a random magic URL from the collection of publicly disclosed h1 reports.

python3 default.py --custom Opens a random magic URL from the collection of custom wordlist having bug bounty writeups.

python3 default.py --refresh Refreshes and adds newly publicly disclosed h1 reports to your file(final.txt)

Known Issues

• The ability of not able to distinguish between completely publicly disclosed reports and reports with limited disclosures.
• The tool may break in the way of how it works if it gets run after a long time. The default range specified is scraping 10 pages to reduce load on the site. If you believe you are running it after a long time, consider increasing the range upto 50 in main for loop in refresh.py before
• running. This will enable collecting all the reports till the recent report extracted in the final.txt .