github/Fabric
1
1
Fork 0
mirror of https://github.com/danielmiessler/Fabric.git synced 2026-02-18 01:41:41 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
4d60f245176d17ca28cb8d078f930f216a924ed0
Fabric/data/patterns/write_hackerone_report/README.md
Kayvan Sylvan 4004c51b9e refactor: restructure project to align with standard Go layout 
### CHANGES

- Introduce `cmd` directory for all main application binaries.
- Move all Go packages into the `internal` directory.
- Rename the `restapi` package to `server` for clarity.
- Consolidate patterns and strategies into a new `data` directory.
- Group all auxiliary scripts into a new `scripts` directory.
- Move all documentation and images into a `docs` directory.
- Update all Go import paths to reflect the new structure.
- Adjust CI/CD workflows and build commands for new layout.
2025-07-08 22:47:17 -07:00

55 lines
1.8 KiB
Markdown
Raw Blame History

# `write_hackerone_report` Pattern
## Description
The `write_hackerone_report` pattern is designed to assist a bug bounty hunter with writing a bug bounty report for the HackerOne platform. It knows the structure that is normally in place on HackerOne, and is instructed on how to extrapolate from requests, responses, and comments, what the report should be about and how to create steps to reproduce for that vulnerability.
**This is version 0.1**. Please improve this prompt.
## Functionality
- Reviews the requests provided
- Reviews the responses provided
- Reviews the comments provided
- Generates a report which can be copy-pasted into HackerOne and adjusted for details.
### Use cases
1. This can be helpful for dynamic report generation for automation
2. This can be helpful when integrated with a Caido or Burp plugin to rapidly generate reports
3. This can be helpful when generating reports from the command-line
## Usage
This pattern is intended to be used with the `bbReportFormatter` tool which can be found here: https://github.com/rhynorater/bbReportFormatter
This utility automatically helps with the format that this pattern ingests which looks like this:
Request 1:
```
GET /...
```
Response 1:
```
HTTP/1.1 200 found...
```
Comment 1:
```
This request is vulnerable to blah blah blah
```
So, you'll add requests/responses to the report by using `cat req | bbReportFormatter`.
You'll add comments to the report using `echo "This request is vulnerable to blah blah blah" | bbReportFormatter`.
Then, when you run `bbReportFromatter --print-report` it will output the above, `write_hackerone_report` format.
So, in the end, this usage will be `bbReportFormatter --print-report | fabric -sp write_hackerone_report`.
## Meta
- **Author**: Justin Gardner (@Rhynorater)
- **Version Information**: 0.1
- **Published**: Jul 3, 2024
Reference in New Issue View Git Blame Copy Permalink