Launching Open Sesame!
I recently launched Open-Sesame, a tool for easily accessing publicly disclosed Hackerone reports and other bug bounty writeups available online.
This is more of a productivity tool to get easy access to thousands of reports in a very quick time and enhance your knowledge of new attacks and previously rewarded reports.
In all the tool supports-
- 8.5k+ Publicly Disclosed Hackerone reports
- Custom wordlist of bugbounty writeups (around~700)
- Support for fetching and adding newly disclosed h1 reports and adding it for use.
How to Use?
I made this with a very clear goal in mind. Even though we have lot of public bug reports we face this trouble and issue of reading them one by one.
Solution:
My solution to increase your security knowledge and understanding is this:
One Day One Bug.
- Run the Tool and it will open one random magic url in the browser.
- Now read the report/blog and research around that topic for that day.
- If you feel to know more, you can again run it and it will open a new report.
Since it supports custom wordlist of writeups, you may also add other new public reports to the data and use to open one random link.
This is a productivity tool. It worked well for me. I don’t have to go and search for reports. I just run this in the terminal and get a new report everytime.
Usage and Link:
Further details to install and use is given :
Trivia:
Open sesame was the magical phrase to open mouth of the cave in “Alibaba and the 40 thieves.” The treasure is inside. Choice is yours to become either Ali Baba or Cassim.
Hope you like it, feel free to support and maybe tweet about it. :)
