Forked from tetrillard/rss_hackerone_hacktivity.py
Created
November 13, 2024 03:30
-
-
Save jcran/462526eed74de19a5d94b513040c32cb to your computer and use it in GitHub Desktop.
HackerOne Hacktivity to RSS feed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import sys | |
| import requests | |
| import urllib3 | |
| import json | |
| import re | |
| from types import SimpleNamespace as Namespace | |
| from feedgen.feed import FeedGenerator | |
| output = '' | |
| if len(sys.argv) > 2: | |
| output = sys.argv[1] | |
| fg = FeedGenerator() | |
| fg.id("https://hackerone.com/hacktivity") | |
| fg.link(href="https://hackerone.com/hacktivity") | |
| fg.title("HackerOne hacktivity") | |
| fg.description("HackerOne hacktivity") | |
| url = "https://hackerone.com/graphql" | |
| url_hacktivity = "https://hackerone.com/hacktivity" | |
| # https://curlconverter.com/ | |
| json_data = { | |
| 'operationName': 'HacktivityPageQuery', | |
| 'variables': { | |
| 'querystring': '', | |
| 'where': { | |
| 'report': { | |
| 'disclosed_at': { | |
| '_is_null': False, | |
| }, | |
| }, | |
| }, | |
| 'orderBy': None, | |
| 'secureOrderBy': { | |
| 'latest_disclosable_activity_at': { | |
| '_direction': 'DESC', | |
| }, | |
| }, | |
| 'count': 25, | |
| 'maxShownVoters': 10, | |
| }, | |
| 'query': 'query HacktivityPageQuery($querystring: String, $orderBy: HacktivityItemOrderInput, $secureOrderBy: FiltersHacktivityItemFilterOrder, $where: FiltersHacktivityItemFilterInput, $count: Int, $cursor: String, $maxShownVoters: Int) {\n me {\n id\n __typename\n }\n hacktivity_items(\n first: $count\n after: $cursor\n query: $querystring\n order_by: $orderBy\n secure_order_by: $secureOrderBy\n where: $where\n ) {\n ...HacktivityList\n __typename\n }\n}\n\nfragment HacktivityList on HacktivityItemConnection {\n pageInfo {\n endCursor\n hasNextPage\n __typename\n }\n edges {\n node {\n ... on HacktivityItemInterface {\n id\n databaseId: _id\n __typename\n }\n __typename\n }\n ...HacktivityItem\n __typename\n }\n __typename\n}\n\nfragment HacktivityItem on HacktivityItemUnionEdge {\n node {\n ... on HacktivityItemInterface {\n id\n type: __typename\n }\n ... on Undisclosed {\n id\n ...HacktivityItemUndisclosed\n __typename\n }\n ... on Disclosed {\n id\n ...HacktivityItemDisclosed\n __typename\n }\n ... on HackerPublished {\n id\n ...HacktivityItemHackerPublished\n __typename\n }\n __typename\n }\n __typename\n}\n\nfragment HacktivityItemUndisclosed on Undisclosed {\n id\n votes {\n total_count\n __typename\n }\n voters: votes(last: $maxShownVoters) {\n edges {\n node {\n id\n user {\n id\n username\n __typename\n }\n __typename\n }\n __typename\n }\n __typename\n }\n upvoted: upvoted_by_current_user\n reporter {\n id\n username\n ...UserLinkWithMiniProfile\n __typename\n }\n team {\n handle\n name\n medium_profile_picture: profile_picture(size: medium)\n url\n id\n ...TeamLinkWithMiniProfile\n __typename\n }\n latest_disclosable_action\n latest_disclosable_activity_at\n requires_view_privilege\n total_awarded_amount\n currency\n __typename\n}\n\nfragment TeamLinkWithMiniProfile on Team {\n id\n handle\n name\n __typename\n}\n\nfragment UserLinkWithMiniProfile on User {\n id\n username\n __typename\n}\n\nfragment HacktivityItemDisclosed on Disclosed {\n id\n reporter {\n id\n username\n ...UserLinkWithMiniProfile\n __typename\n }\n votes {\n total_count\n __typename\n }\n voters: votes(last: $maxShownVoters) {\n edges {\n node {\n id\n user {\n id\n username\n __typename\n }\n __typename\n }\n __typename\n }\n __typename\n }\n upvoted: upvoted_by_current_user\n team {\n handle\n name\n medium_profile_picture: profile_picture(size: medium)\n url\n id\n ...TeamLinkWithMiniProfile\n __typename\n }\n report {\n id\n databaseId: _id\n title\n substate\n url\n __typename\n }\n latest_disclosable_action\n latest_disclosable_activity_at\n total_awarded_amount\n severity_rating\n currency\n __typename\n}\n\nfragment HacktivityItemHackerPublished on HackerPublished {\n id\n reporter {\n id\n username\n ...UserLinkWithMiniProfile\n __typename\n }\n votes {\n total_count\n __typename\n }\n voters: votes(last: $maxShownVoters) {\n edges {\n node {\n id\n user {\n id\n username\n __typename\n }\n __typename\n }\n __typename\n }\n __typename\n }\n upvoted: upvoted_by_current_user\n team {\n id\n handle\n name\n medium_profile_picture: profile_picture(size: medium)\n url\n ...TeamLinkWithMiniProfile\n __typename\n }\n report {\n id\n url\n title\n substate\n __typename\n }\n latest_disclosable_activity_at\n severity_rating\n __typename\n}\n', | |
| } | |
| s = requests.session() | |
| resp = s.get(url_hacktivity) | |
| token = re.findall(r'<meta name="csrf-token" content="([^"]*)" />', resp.text, flags=re.IGNORECASE | re.MULTILINE | re.DOTALL)[0] | |
| e = s.post(url, json=json_data, headers={'x-csrf-token': token}) | |
| j = json.loads(e.text, object_hook=lambda d: Namespace(**d)) | |
| for i in j.data.hacktivity_items.edges: | |
| report = i.node | |
| published_at = report.latest_disclosable_activity_at | |
| report_url = report.report.url | |
| reporter = report.reporter.username | |
| bounty = str(int(report.total_awarded_amount)) if report.total_awarded_amount else 'N/A' | |
| title = report.report.title | |
| team = report.team.name | |
| # print('%s | %s | %s | %s' % (team, reporter, bounty, title)) | |
| fe = fg.add_entry() | |
| fe.id(report_url) | |
| fe.content( "") | |
| fe.published(published_at) | |
| fe.link(href=report_url) | |
| fe.content('<a href="%s">%s</a>' % (report_url, report_url)) | |
| fe.title('%s | %s | %s | %s' % (team, reporter, bounty, title)) | |
| fg.atom_file(output + 'atom.xml') | |
| fg.rss_file(output + 'rss.xml') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment