
@leonjza
Created February 15, 2023 19:59
Search HackerOne for Bounty Programs
# search h1 bounty programs
#
# 2023 @leonjza
#
# you need to grab a cookie and x-csrf-token value.
# one way to do that is (without auth):
#
# 1. browse to https://hackerone.com/directory/programs
# 2. open the console
# 3. search something
# 4. right click -> copy as cURL the /graphql request
# 5. drop it here, keeping the `jq` section
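# Search the HackerOne program directory for a term and print "name,url" CSV.
#
# Arguments: $1 - search term (optional; an empty term matches every program)
# Outputs:   one CSV row per matching program on stdout (first 25 results)
# Requires:  curl, jq

# Use a private variable name: TERM is the terminal-type environment variable,
# and overwriting it changes the environment of every child process.
search_term=${1-}
printf 'searching for: %s\n' "$search_term"

# Build the request body with jq so the search term is JSON-encoded.
# Splicing the raw argument into the JSON text lets a quote or backslash in
# the term rewrite the request body, and an unquoted expansion lets a space
# split the curl argument in two.
# Note: % and _ in the term are still treated as ILIKE wildcards.
payload=$(jq -cn --arg pat "%${search_term}%" '
{
  "operationName": "DirectoryQuery",
  "variables": {
    "where": {
      "_and": [
        {"_or": [
          {"searchable_content": {"policy": {"_ilike": $pat}}},
          {"name": {"_ilike": $pat}},
          {"external_program": {"policy": {"_ilike": $pat}}},
          {"external_program": {"name": {"_ilike": $pat}}}
        ]},
        {"_or": [
          {"submission_state": {"_eq": "open"}},
          {"submission_state": {"_eq": "api_only"}},
          {"external_program": {}}
        ]},
        {"_or": [
          {"_and": [
            {"state": {"_neq": "sandboxed"}},
            {"state": {"_neq": "soft_launched"}}
          ]},
          {"external_program": {}}
        ]}
      ]
    },
    "first": 25,
    "secureOrderBy": null
  },
  "query": "query DirectoryQuery($cursor: String, $secureOrderBy: FiltersTeamFilterOrder, $where: FiltersTeamFilterInput) {\n me {\n id\n edit_unclaimed_profiles\n h1_pentester\n __typename\n }\n teams(first: 25, after: $cursor, secure_order_by: $secureOrderBy, where: $where) {\n pageInfo {\n endCursor\n hasNextPage\n __typename\n }\n edges {\n node {\n id\n bookmarked\n ...TeamTableResolvedReports\n ...TeamTableAvatarAndTitle\n ...TeamTableLaunchDate\n ...TeamTableMinimumBounty\n ...TeamTableAverageBounty\n ...BookmarkTeam\n __typename\n }\n __typename\n }\n __typename\n }\n}\n\nfragment TeamTableResolvedReports on Team {\n id\n resolved_report_count\n __typename\n}\n\nfragment TeamTableAvatarAndTitle on Team {\n id\n profile_picture(size: medium)\n name\n handle\n submission_state\n triage_active\n publicly_visible_retesting\n state\n allows_bounty_splitting\n external_program {\n id\n __typename\n }\n ...TeamLinkWithMiniProfile\n __typename\n}\n\nfragment TeamLinkWithMiniProfile on Team {\n id\n handle\n name\n __typename\n}\n\nfragment TeamTableLaunchDate on Team {\n id\n launched_at\n __typename\n}\n\nfragment TeamTableMinimumBounty on Team {\n id\n currency\n base_bounty\n __typename\n}\n\nfragment TeamTableAverageBounty on Team {\n id\n currency\n average_bounty_lower_amount\n average_bounty_upper_amount\n __typename\n}\n\nfragment BookmarkTeam on Team {\n id\n bookmarked\n __typename\n}\n"
}') || exit 1

# Replace the two <yours> placeholders below with the cookie and x-csrf-token
# values from the copied /graphql request. Both are session material: do not
# commit or share this file with them filled in. Values passed with -H are
# also visible in the local process list while curl runs; `-H @file` keeps
# them out of argv on curl versions that support it.
# -S keeps transport errors visible even though -s hides the progress meter.
curl -sS 'https://hackerone.com/graphql' \
  -H 'authority: hackerone.com' \
  -H 'accept: */*' \
  -H 'accept-language: en-US,en;q=0.9,af;q=0.8' \
  -H 'content-type: application/json' \
  -H 'cookie: <yours>' \
  -H 'dnt: 1' \
  -H 'origin: https://hackerone.com' \
  -H 'referer: https://hackerone.com/directory/programs' \
  -H 'sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'sec-ch-ua-platform: "macOS"' \
  -H 'sec-fetch-dest: empty' \
  -H 'sec-fetch-mode: cors' \
  -H 'sec-fetch-site: same-origin' \
  -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36' \
  -H 'x-csrf-token: <yours>' \
  -H 'x-product-area: directory' \
  -H 'x-product-feature: programs' \
  --data-raw "$payload" |
  # the important bit: one CSV row per program, name plus profile URL
  jq -r '.data.teams.edges[].node | [.name, ("https://hackerone.com/" + .handle)] | @csv'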