fransr / bountyplz Goto Github PK
View Code? Open in Web Editor NEWAutomated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
License: MIT License
Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
License: MIT License
Hey Frans,
When submitting a report, I noticed that the title contains the Markdown header symbol #
as seen below. For some reason, the title in your screenshot is different to mine.
--- attributes:
title: # Unauthenticated reflected XSS in example.com via the p parameter.
program: utopia-test
weakness: xss reflected
inline-attachments: img1.png,file2.png,file3.png,file4.png,ok.mp4
---
---
weakness: "xss reflected"
---
# Unauthenticated reflected XSS in example.com via the p parameter.
This is cool!
# Another title
```
Testing 1234
```
## Impact
This is the impact, go for it!
$ bountyplz h1 program report.md
I am running this tool on Ubuntu 17.10.
Hello
When I try to submit a report via H1 all good but from BC I have this error
/usr/local/bin/bountyplz: line 70: _scope: unbound variable
Best regards
Maybe you can add an OSS License to this project?
see:
Hi @fransr,
First of all, thank you for your script that will help me to automatize some tasks ;)
I've some issue when i try to use your script on bugcrowd.
./bountyplz bc some_private test.md
and the error appears when parsing the weakness forms to display:
error: Invalid character
.options[] as $root | $root.children[]? as $parent | $parent.children[]? as $child | {root: $root, parent: $parent, child: $child} | {name: (.root.name + " / " + .parent.name + " / " + .child.name), id: (.root.id + "." + .parent.id + "." + .child.id)}
^
error: Invalid character
.options[] as $root | $root.children[]? as $parent | $parent.children[]? as $child | {root: $root, parent: $parent, child: $child} | {name: (.root.name + " / " + .parent.name + " / " + .child.name), id: (.root.id + "." + .parent.id + "." + .child.id)}
^
2 compile errors
Here are the informations on my md file:
---
weakness: Sensitive Data Exposure
asset: other
url: https://rblabla
---
I'm not very fluent with jq syntax so if you can help me, thank you in advance ;)
Best regards,
Nicknam3
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.