HackerOne
HackerOne bug bounty automation for parallel pentesting and submission-ready reporting.
What It Does
Parses HackerOne scope CSVs to extract in-scope assets, deploys parallel pentesting agents for each asset using specialized executors, validates proof-of-concept exploits automatically, and generates platform-ready submission reports with CVSS scoring, remediation guidance, and reproduction steps.
Scripts
| Script | Description |
|---|---|
parse_scope | H1 scope parsing — extracts wildcard domains, API endpoints, mobile apps, source repos |
launch_pentest | Parallel pentest deployment — one executor agent per asset with tech-stack routing |
validate_poc | Automated PoC validation — confirms exploit reproducibility, captures evidence |
generate_report | H1 submission report — platform-ready format with severity, CVSS, and reproduction |
When to Use
Use when working on HackerOne programs. Provide the scope CSV and let the suite deploy parallel agents per asset. Use --mode passive for safe scope validation before active testing.
Usage
RedTeamScript(skill="hackerone", script="parse_scope", args="--csv scope.csv --program hackerone.com/program-slug")