HackerOne Hacker API tools

A collection of Hacker API tools utilizing the HackerOne API. To build your own Hacker API integration have a look at our getting started docs.

Contributing

Sharing, suggestions and contributions are always welcome!

Tools

• BBRF - The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices.
  • https://gist.github.com/honoki/6d6c51b5f5d4b01cb471f4d8478d2789
  • https://gist.github.com/honoki/e2f6b8877f4bcc102ef949dd57d48e39
• bbscope - The ultimate scope gathering tool for HackerOne, Bugcrowd, and Intigriti.
• Depcher - Tool to quickly analyze bug bounty platforms targets by checking their technology stack with wappalyzer and running Vulners scan to the found technologies.
• Earnings.rb - This script pulls the total earned during the year and optionally dumps a CSV file; mostly used for tax reasons.
• h1_2_nuclei - Scan any HackerOne program with Nuclei.
• h1Bot - Hackerone Bot for automating reporting.
• HackerBot - Receive notifications about your reports and access your hackerone information quickly and easily.
• hackerone_programs.py - HackerOne API Program and scope retrieval.
• HackerOneAPIClient - The main idea of this project is to send reports automatically (or programmatically, some day automagically) to HackerOne programs.
• Inscope - Fetch all in-scope URLs/domains from HackerOne programs.
• reNgine - An automated reconnaissance framework for web applications with focus on highly configurable streamlined recon process via Engines.
• h1scope - Get all in-scope items at Hackerone, including domains, apps, and everything that can be in scope. This can be for a specific program or for all programs you have access to.