Last active
November 13, 2024 03:30
-
-
Save tetrillard/4e1ed77cebb5fab42989da3bf944fd4e to your computer and use it in GitHub Desktop.
HackerOne Hacktivity to RSS feed
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import sys | |
| import requests | |
| import urllib3 | |
| import json | |
| import re | |
| from types import SimpleNamespace as Namespace | |
| from feedgen.feed import FeedGenerator | |
| output = '' | |
| if len(sys.argv) > 2: | |
| output = sys.argv[1] | |
| fg = FeedGenerator() | |
| fg.id("https://hackerone.com/hacktivity") | |
| fg.link(href="https://hackerone.com/hacktivity") | |
| fg.title("HackerOne hacktivity") | |
| fg.description("HackerOne hacktivity") | |
| url = "https://hackerone.com/graphql" | |
| url_hacktivity = "https://hackerone.com/hacktivity" | |
| # https://curlconverter.com/ | |
| json_data = { | |
| 'operationName': 'HacktivityPageQuery', | |
| 'variables': { | |
| 'querystring': '', | |
| 'where': { | |
| 'report': { | |
| 'disclosed_at': { | |
| '_is_null': False, | |
| }, | |
| }, | |
| }, | |
| 'orderBy': None, | |
| 'secureOrderBy': { | |
| 'latest_disclosable_activity_at': { | |
| '_direction': 'DESC', | |
| }, | |
| }, | |
| 'count': 25, | |
| 'maxShownVoters': 10, | |
| }, | |
| 'query': 'query HacktivityPageQuery($querystring: String, $orderBy: HacktivityItemOrderInput, $secureOrderBy: FiltersHacktivityItemFilterOrder, $where: FiltersHacktivityItemFilterInput, $count: Int, $cursor: String, $maxShownVoters: Int) {\n me {\n id\n __typename\n }\n hacktivity_items(\n first: $count\n after: $cursor\n query: $querystring\n order_by: $orderBy\n secure_order_by: $secureOrderBy\n where: $where\n ) {\n ...HacktivityList\n __typename\n }\n}\n\nfragment HacktivityList on HacktivityItemConnection {\n pageInfo {\n endCursor\n hasNextPage\n __typename\n }\n edges {\n node {\n ... on HacktivityItemInterface {\n id\n databaseId: _id\n __typename\n }\n __typename\n }\n ...HacktivityItem\n __typename\n }\n __typename\n}\n\nfragment HacktivityItem on HacktivityItemUnionEdge {\n node {\n ... on HacktivityItemInterface {\n id\n type: __typename\n }\n ... on Undisclosed {\n id\n ...HacktivityItemUndisclosed\n __typename\n }\n ... on Disclosed {\n id\n ...HacktivityItemDisclosed\n __typename\n }\n ... on HackerPublished {\n id\n ...HacktivityItemHackerPublished\n __typename\n }\n __typename\n }\n __typename\n}\n\nfragment HacktivityItemUndisclosed on Undisclosed {\n id\n votes {\n total_count\n __typename\n }\n voters: votes(last: $maxShownVoters) {\n edges {\n node {\n id\n user {\n id\n username\n __typename\n }\n __typename\n }\n __typename\n }\n __typename\n }\n upvoted: upvoted_by_current_user\n reporter {\n id\n username\n ...UserLinkWithMiniProfile\n __typename\n }\n team {\n handle\n name\n medium_profile_picture: profile_picture(size: medium)\n url\n id\n ...TeamLinkWithMiniProfile\n __typename\n }\n latest_disclosable_action\n latest_disclosable_activity_at\n requires_view_privilege\n total_awarded_amount\n currency\n __typename\n}\n\nfragment TeamLinkWithMiniProfile on Team {\n id\n handle\n name\n __typename\n}\n\nfragment UserLinkWithMiniProfile on User {\n id\n username\n __typename\n}\n\nfragment HacktivityItemDisclosed on Disclosed {\n id\n reporter {\n id\n username\n ...UserLinkWithMiniProfile\n __typename\n }\n votes {\n total_count\n __typename\n }\n voters: votes(last: $maxShownVoters) {\n edges {\n node {\n id\n user {\n id\n username\n __typename\n }\n __typename\n }\n __typename\n }\n __typename\n }\n upvoted: upvoted_by_current_user\n team {\n handle\n name\n medium_profile_picture: profile_picture(size: medium)\n url\n id\n ...TeamLinkWithMiniProfile\n __typename\n }\n report {\n id\n databaseId: _id\n title\n substate\n url\n __typename\n }\n latest_disclosable_action\n latest_disclosable_activity_at\n total_awarded_amount\n severity_rating\n currency\n __typename\n}\n\nfragment HacktivityItemHackerPublished on HackerPublished {\n id\n reporter {\n id\n username\n ...UserLinkWithMiniProfile\n __typename\n }\n votes {\n total_count\n __typename\n }\n voters: votes(last: $maxShownVoters) {\n edges {\n node {\n id\n user {\n id\n username\n __typename\n }\n __typename\n }\n __typename\n }\n __typename\n }\n upvoted: upvoted_by_current_user\n team {\n id\n handle\n name\n medium_profile_picture: profile_picture(size: medium)\n url\n ...TeamLinkWithMiniProfile\n __typename\n }\n report {\n id\n url\n title\n substate\n __typename\n }\n latest_disclosable_activity_at\n severity_rating\n __typename\n}\n', | |
| } | |
| s = requests.session() | |
| resp = s.get(url_hacktivity) | |
| token = re.findall(r'<meta name="csrf-token" content="([^"]*)" />', resp.text, flags=re.IGNORECASE | re.MULTILINE | re.DOTALL)[0] | |
| e = s.post(url, json=json_data, headers={'x-csrf-token': token}) | |
| j = json.loads(e.text, object_hook=lambda d: Namespace(**d)) | |
| for i in j.data.hacktivity_items.edges: | |
| report = i.node | |
| published_at = report.latest_disclosable_activity_at | |
| report_url = report.report.url | |
| reporter = report.reporter.username | |
| bounty = str(int(report.total_awarded_amount)) if report.total_awarded_amount else 'N/A' | |
| title = report.report.title | |
| team = report.team.name | |
| # print('%s | %s | %s | %s' % (team, reporter, bounty, title)) | |
| fe = fg.add_entry() | |
| fe.id(report_url) | |
| fe.content( "") | |
| fe.published(published_at) | |
| fe.link(href=report_url) | |
| fe.content('<a href="%s">%s</a>' % (report_url, report_url)) | |
| fe.title('%s | %s | %s | %s' % (team, reporter, bounty, title)) | |
| fg.atom_file(output + 'atom.xml') | |
| fg.rss_file(output + 'rss.xml') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment