Top disclosed reports from HackerOne
reddelexc, updated
🕥
2023-02-15 14:29:44
Tops of HackerOne reports. All reports' raw info stored in data.csv.
Scripts to update this file are written in Python 3 and require chromedriver and Chromium executables at PATH.
Every script contains some info about how it works.
The run order of scripts:
1) fetcher.py
1) uniquer.py
1) filler.py
1) rater.py
Tops 100.
Tops by bug type.
- Top XSS reports
- Top XXE reports
- Top CSRF reports
- Top IDOR reports
- Top RCE reports
- Top SQLi reports
- Top SSRF reports
- Top Race Condition reports
- Top Subdomain Takeover reports
- Top Open Redirect reports
- Top Clickjacking reports
- Top DoS reports
- Top OAuth reports
- Top Account Takeover reports
- Top Business Logic reports
- Top REST API reports
- Top GraphQL reports
- Top Information Disclosure reports
- Top Web Cache reports
- Top SSTI reports
- Top Upload reports
- Top HTTP Request Smuggling reports
- Top OpenID reports
- Top Mobile reports
- Top File Reading reports
- Top Authorization Bypass reports
- Top Authentication Bypass reports
- Top MFA reports
Tops by program.
- Top Mail.ru reports
- Top HackerOne reports
- Top Shopify reports
- Top Nextcloud reports
- Top Twitter reports
- Top Uber reports
- Top Node.js reports
- Top shopify-scripts reports
- Top Legal Robot reports
- Top U.S. Dept of Defense reports
- Top Gratipay reports
- Top Weblate reports
- Top VK.com reports
- Top New Relic reports
- Top LocalTapiola reports
- Top Zomato reports
- Top Slack reports
- Top ownCloud reports
- Top GitLab reports
- Top Ubiquiti Inc. reports
- Top Automattic reports
- Top Coinbase reports
- Top Verizon Media reports
- Top Starbucks reports
- Top Paragon Initiative Enterprises reports
- Top PHP (IBB) reports
- Top Brave Software reports
- Top Vimeo reports
- Top OLX reports
- Top concrete5 reports
- Top Phabricator reports
- Top Pornhub reports
- Top Localize reports
- Top Qiwi reports
- Top WordPress reports
- Top The Internet reports
- Top Open-Xchange reports
- Top Razer reports
- Top Rockstar Games reports
- Top GitHub Security Lab reports
- Top h1-ctf reports
- Top Valve reports
- Top Yahoo! reports
- Top Internet Bug Bounty reports
- Top Concrete CMS reports
- Top Sifchain reports
- Top Curl reports
- Top Acronis reports
- Top TikTok reports
- Top MTN Group reports
Issues
Asking for help
opened on 2023-02-16 10:51:09 by piyushimselfHi, can you make a video about how can we use scripts for better utilization than just a passive reading here from the repo itself? It is already great work but wants to know more. Thanks.
multithreading
opened on 2022-09-29 11:55:06 by blackhat-tadd ### threads to filler.py to pull the requests concurrently rather than a loop
for i in range(count_of_reports):
print('Fetching report ' + str(i + 1) + ' out of ' + str(count_of_reports))
report_url = 'https://' + reports[i]['link'] + '.json'
Ivan Modin
GitHub Repository
writeups hackerone bugbounty reports xss xxe sql-injection csrf idor rce ssrf security