fransr / bountyplz Goto Github PK
View Code? Open in Web Editor NEWAutomated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
License: MIT License
bountyplz's Issues
Bugcrowd Issue
Hello
When I try to submit a report via H1 all good but from BC I have this error
/usr/local/bin/bountyplz: line 70: _scope: unbound variable
Best regards
Titles submitted with Markdown header # symbol.
Hey Frans,
When submitting a report, I noticed that the title contains the Markdown header symbol # as seen below. For some reason, the title in your screenshot is different to mine.
--- attributes:
title: # Unauthenticated reflected XSS in example.com via the p parameter.
program: utopia-test
weakness: xss reflected
inline-attachments: img1.png,file2.png,file3.png,file4.png,ok.mp4
---
Steps to reproduce
- Create a Markdown report with the following contents:
---
weakness: "xss reflected"
---
# Unauthenticated reflected XSS in example.com via the p parameter.
This is cool!
# Another title
```
Testing 1234
```
## Impact
This is the impact, go for it!
- Submit the report;
$ bountyplz h1 program report.md
- Navigate to the submitted report.
Setup
I am running this tool on Ubuntu 17.10.
jq invalid char (weakness)
Hi @fransr,
First of all, thank you for your script that will help me to automatize some tasks ;)
I've some issue when i try to use your script on bugcrowd.
command used
./bountyplz bc some_private test.md
and the error appears when parsing the weakness forms to display:
error: Invalid character
.options[] as $root | $root.children[]? as $parent | $parent.children[]? as $child | {root: $root, parent: $parent, child: $child} | {name: (.root.name + " / " + .parent.name + " / " + .child.name), id: (.root.id + "." + .parent.id + "." + .child.id)}
^
error: Invalid character
.options[] as $root | $root.children[]? as $parent | $parent.children[]? as $child | {root: $root, parent: $parent, child: $child} | {name: (.root.name + " / " + .parent.name + " / " + .child.name), id: (.root.id + "." + .parent.id + "." + .child.id)}
^
2 compile errors
Here are the informations on my md file:
---
weakness: Sensitive Data Exposure
asset: other
url: https://rblabla
---
I'm not very fluent with jq syntax so if you can help me, thank you in advance ;)
Best regards,
Nicknam3
LICENSE
Maybe you can add an OSS License to this project?
see:
- Choose an open source license: https://choosealicense.com/
- Software Licenses in Plain English: https://tldrlegal.com/ - Lookup popular software licenses summarized at-a-glance.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.