{"id":13642321,"url":"https://github.com/reddelexc/hackerone-reports","last_synced_at":"2025-05-13T20:22:15.341Z","repository":{"id":38179163,"uuid":"182211614","full_name":"reddelexc/hackerone-reports","owner":"reddelexc","description":"Top disclosed reports from HackerOne","archived":false,"fork":false,"pushed_at":"2025-04-20T06:23:55.000Z","size":9701,"stargazers_count":4458,"open_issues_count":1,"forks_count":815,"subscribers_count":164,"default_branch":"master","last_synced_at":"2025-04-20T07:25:48.091Z","etag":null,"topics":["bugbounty","csrf","hackerone","idor","rce","reports","security","sql-injection","ssrf","writeups","xss","xxe"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/reddelexc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-04-19T06:11:04.000Z","updated_at":"2025-04-20T06:23:59.000Z","dependencies_parsed_at":"2023-02-08T12:45:37.008Z","dependency_job_id":"a985aa44-ceb6-4b06-b141-7d53314ffa53","html_url":"https://github.com/reddelexc/hackerone-reports","commit_stats":{"total_commits":109,"total_committers":3,"mean_commits":"36.333333333333336","dds":0.01834862385321101,"last_synced_commit":"bcf868c11b18255a43c27c33bba388ed7cebb0b1"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reddelexc%2Fhackerone-reports","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reddelexc%2Fhackerone-reports/tags","releases_url":"https://repos.ecosy
ste.ms/api/v1/hosts/GitHub/repositories/reddelexc%2Fhackerone-reports/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reddelexc%2Fhackerone-reports/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/reddelexc","download_url":"https://codeload.github.com/reddelexc/hackerone-reports/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251311332,"owners_count":21569008,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bugbounty","csrf","hackerone","idor","rce","reports","security","sql-injection","ssrf","writeups","xss","xxe"],"created_at":"2024-08-02T01:01:29.869Z","updated_at":"2025-04-28T12:02:33.080Z","avatar_url":"https://github.com/reddelexc.png","language":"Python","funding_links":[],"categories":["Python","Python (1887)","***Cybersecurity Resources***","Welcome to Learn101"],"sub_categories":["***Rootkits (Development)***","Hacker Awesome Repositories"],"readme":"Tops of HackerOne reports. 
All reports' raw info is stored in `data.csv`.\r\nScripts to update this file are written in Python 3 and require `chromedriver` and `Chromium` executables on `PATH`.\r\nEvery script contains some info about how it works.\r\nThe run order of scripts:\r\n\r\n1) `fetcher.py`\r\n1) `uniquer.py`\r\n1) `filler.py`\r\n1) `rater.py`\r\n\r\nTops 100.\r\n\r\n- [Top 100 upvoted reports](tops_100/TOP100UPVOTED.md)\r\n- [Top 100 paid reports](tops_100/TOP100PAID.md)\r\n\r\nTops by bug type.\r\n\r\n- [Top XSS reports](tops_by_bug_type/TOPXSS.md)\r\n- [Top XXE reports](tops_by_bug_type/TOPXXE.md)\r\n- [Top CSRF reports](tops_by_bug_type/TOPCSRF.md)\r\n- [Top IDOR reports](tops_by_bug_type/TOPIDOR.md)\r\n- [Top RCE reports](tops_by_bug_type/TOPRCE.md)\r\n- [Top SQLi reports](tops_by_bug_type/TOPSQLI.md)\r\n- [Top SSRF reports](tops_by_bug_type/TOPSSRF.md)\r\n- [Top Race Condition reports](tops_by_bug_type/TOPRACECONDITION.md)\r\n- [Top Subdomain Takeover reports](tops_by_bug_type/TOPSUBDOMAINTAKEOVER.md)\r\n- [Top Open Redirect reports](tops_by_bug_type/TOPOPENREDIRECT.md)\r\n- [Top Clickjacking reports](tops_by_bug_type/TOPCLICKJACKING.md)\r\n- [Top DoS reports](tops_by_bug_type/TOPDOS.md)\r\n- [Top OAuth reports](tops_by_bug_type/TOPOAUTH.md)\r\n- [Top Account Takeover reports](tops_by_bug_type/TOPACCOUNTTAKEOVER.md)\r\n- [Top Business Logic reports](tops_by_bug_type/TOPBUSINESSLOGIC.md)\r\n- [Top REST API reports](tops_by_bug_type/TOPAPI.md)\r\n- [Top GraphQL reports](tops_by_bug_type/TOPGRAPHQL.md)\r\n- [Top Information Disclosure reports](tops_by_bug_type/TOPINFODISCLOSURE.md)\r\n- [Top Web Cache reports](tops_by_bug_type/TOPWEBCACHE.md)\r\n- [Top SSTI reports](tops_by_bug_type/TOPSSTI.md)\r\n- [Top Upload reports](tops_by_bug_type/TOPUPLOAD.md)\r\n- [Top HTTP Request Smuggling reports](tops_by_bug_type/TOPREQUESTSMUGGLING.md)\r\n- [Top OpenID reports](tops_by_bug_type/TOPOPENID.md)\r\n- [Top Mobile reports](tops_by_bug_type/TOPMOBILE.md)\r\n- [Top File Reading 
reports](tops_by_bug_type/TOPFILEREADING.md)\r\n- [Top Authorization Bypass reports](tops_by_bug_type/TOPAUTHORIZATION.md)\r\n- [Top Authentication Bypass reports](tops_by_bug_type/TOPAUTH.md)\r\n- [Top MFA reports](tops_by_bug_type/TOPMFA.md)\r\n\r\nTops by program.\r\n\r\n- [Top Mail.ru reports](tops_by_program/TOPMAILRU.md)\r\n- [Top HackerOne reports](tops_by_program/TOPHACKERONE.md)\r\n- [Top Shopify reports](tops_by_program/TOPSHOPIFY.md)\r\n- [Top Nextcloud reports](tops_by_program/TOPNEXTCLOUD.md)\r\n- [Top Twitter reports](tops_by_program/TOPTWITTER.md)\r\n- [Top X (formerly Twitter) reports](tops_by_program/TOPX\\(FORMERLYTWITTER\\).md)\r\n- [Top Uber reports](tops_by_program/TOPUBER.md)\r\n- [Top Node.js reports](tops_by_program/TOPNODEJSTHIRDPARTYMODULES.md)\r\n- [Top shopify-scripts reports](tops_by_program/TOPSHOPIFYSCRIPTS.md)\r\n- [Top Legal Robot reports](tops_by_program/TOPLEGALROBOT.md)\r\n- [Top U.S. Dept of Defense reports](tops_by_program/TOPUSDEPTOFDEFENSE.md)\r\n- [Top Gratipay reports](tops_by_program/TOPGRATIPAY.md)\r\n- [Top Weblate reports](tops_by_program/TOPWEBLATE.md)\r\n- [Top VK.com reports](tops_by_program/TOPVKCOM.md)\r\n- [Top New Relic reports](tops_by_program/TOPNEWRELIC.md)\r\n- [Top LocalTapiola reports](tops_by_program/TOPLOCALTAPIOLA.md)\r\n- [Top Zomato reports](tops_by_program/TOPZOMATO.md)\r\n- [Top Slack reports](tops_by_program/TOPSLACK.md)\r\n- [Top ownCloud reports](tops_by_program/TOPOWNCLOUD.md)\r\n- [Top GitLab reports](tops_by_program/TOPGITLAB.md)\r\n- [Top Ubiquiti Inc. 
reports](tops_by_program/TOPUBIQUITIINC.md)\r\n- [Top Automattic reports](tops_by_program/TOPAUTOMATTIC.md)\r\n- [Top Coinbase reports](tops_by_program/TOPCOINBASE.md)\r\n- [Top Verizon Media reports](tops_by_program/TOPVERIZONMEDIA.md)\r\n- [Top Starbucks reports](tops_by_program/TOPSTARBUCKS.md)\r\n- [Top Paragon Initiative Enterprises reports](tops_by_program/TOPPARAGONINITIATIVEENTERPRISES.md)\r\n- [Top PHP (IBB) reports](tops_by_program/TOPPHP(IBB).md)\r\n- [Top Brave Software reports](tops_by_program/TOPBRAVESOFTWARE.md)\r\n- [Top Vimeo reports](tops_by_program/TOPVIMEO.md)\r\n- [Top OLX reports](tops_by_program/TOPOLX.md)\r\n- [Top concrete5 reports](tops_by_program/TOPCONCRETE5.md)\r\n- [Top Phabricator reports](tops_by_program/TOPPHABRICATOR.md)\r\n- [Top Pornhub reports](tops_by_program/TOPPORNHUB.md)\r\n- [Top Localize reports](tops_by_program/TOPLOCALIZE.md)\r\n- [Top Qiwi reports](tops_by_program/TOPQIWI.md)\r\n- [Top WordPress reports](tops_by_program/TOPWORDPRESS.md)\r\n- [Top The Internet reports](tops_by_program/TOPTHEINTERNET.md)\r\n- [Top Open-Xchange reports](tops_by_program/TOPOPENXCHANGE.md)\r\n- [Top Razer reports](tops_by_program/TOPRAZER.md)\r\n- [Top Rockstar Games reports](tops_by_program/TOPROCKSTARGAMES.md)\r\n- [Top GitHub Security Lab reports](tops_by_program/TOPGITHUBSECURITYLAB.md)\r\n- [Top h1-ctf reports](tops_by_program/TOPH1CTF.md)\r\n- [Top Valve reports](tops_by_program/TOPVALVE.md)\r\n- [Top Yahoo! 
reports](tops_by_program/TOPYAHOO!.md)\r\n- [Top Internet Bug Bounty reports](tops_by_program/TOPINTERNETBUGBOUNTY.md)\r\n- [Top Concrete CMS reports](tops_by_program/TOPCONCRETECMS.md)\r\n- [Top Sifchain reports](tops_by_program/TOPSIFCHAIN.md)\r\n- [Top Curl reports](tops_by_program/TOPCURL.md)\r\n- [Top Acronis reports](tops_by_program/TOPACRONIS.md)\r\n- [Top TikTok reports](tops_by_program/TOPTIKTOK.md)\r\n- [Top MTN Group reports](tops_by_program/TOPMTNGROUP.md)\r\n- [Top Node.js reports](tops_by_program/TOPNODEJS.md)\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Freddelexc%2Fhackerone-reports","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Freddelexc%2Fhackerone-reports","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Freddelexc%2Fhackerone-reports/lists"}