Information Gathering

Open Sesame – Display Random Publicly Disclosed Hackerone Reports

Open Sesame - A Tool Which Runs To Display Random Publicly Disclosed Hackerone Reports When Bored

[sc name=”ad_1″]

A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser.

Contains Over 8k Publicly disclosed Hackerone reports and addtl. wordlist of ~700 bug bounty writeups.

This is a productivity tool for security enthusiasts and bug bounty hunters. I have written a blog here giving my idea of how to use this efficiently.
Launching Open Sesame!

Additional features include:

  • Opening URL from custom wordlist which has bug bounty writeups.
  • Fetching and Updating the newly disclosed Hackerone publicly disclosed reports.

Pl install components in rquirements.txt
python3 Opens a random magic URL from the collection of publicly disclosed h1 reports.

python3 --custom Opens a random magic URL from the collection of custom wordlist having bug bounty writeups.

python3 --refresh Refreshes and adds newly publicly disclosed h1 reports to your file(final.txt)

Known Issues

  • The ability of not able to distinguish between completely publicly disclosed reports and reports with limited disclosures.
  • The tool may break in the way of how it works if it gets run after a long time. The default range specified is scraping 10 pages to reduce load on the site. If you believe you are running it after a long time, consider increasing the range upto 50 in main for loop in before running. This will enable collecting all the reports till the recent report extracted in the final.txt.


  • h1.nobbd(dot)de
  • bugreader(dot)com
  • Awesome-Bugbounty-Writeups Repo
  • and other helpful sources.. 🙂

[sc name=”ad-in-article”]