This library is built on a HackerOne API client. It retrieves all the Programmes and Targets that match your criteria, and puts them in a .csv file. You can use it to assist in target acquisition, or for automated vulnerability scanning.
You will need your own credentials for the HackerOne researcher API. If you don't have a token already, go to the HackerOne settings page and generate one. Keep it secret.
You will find other examples in the ./_examples folder, but here is a quick demo:
// Output to CSV file output := "./targets-1.csv" // Add your API creds user := "your-hackerone-username-here" token := "your-private-token-here" // Only show HackerOne Programmes which are open programmeIsRelevant := func (prog h1.Programme) bool { return prog.SubmissionState == "open" } // Only show Targets (within a Programme) which are websites where a bug bounty is available targetIsRelevant := func (target h1.Target) bool { return target.AssetType == "URL" && target.EligibleForBounty } // Now you have a bug bounty Programme filter and a Target filter filter := h1.NewFilter(programmeIsRelevant, targetIsRelevant) // Get all the relevant targets from the API targetRetriever := h1.NewTargetRetriever(user, token, output, filter) targetRetriever.RetrieveTargets()At time of writing, the API rate limit is 600 queries/minute. This may change. Running the tool several times in quick succession may stop it from outputting for a short time. Enhance your calm.
The columns of the output CSV file are these:
Programme PssetIdentifier AssetType EligibleForSubmission EligibleForBounty The author wishes you the best of luck, and happy hacking.