AllVideoPocsFromHackerOne
This script grabs public reports from HackerOne and makes some folders with PoC videos
Install / Use
/learn @zeroc00I/AllVideoPocsFromHackerOne
AllPocsFromHackerOne
Note
Please, consider buying me a coffee! ☕
Want to keep up with the latest in bug bounty, cybersecurity, and my ongoing studies? Feel free to join my Telegram channel (It's in Portuguese, but packed with English content!).
Description
This script grabs public reports from HackerOne and downloads all the JSON files so they are grepable.
The main goal is to make it easy to categorize vulns by technique.
Do you have a suggestion?
Please open it on the issues tab =)
I would love to hear from you.
Top 20 Weaknesses from HackerOne Disclosed Reports
From 9k disclosed reports
1019 Information Disclosure
915 Cross-site Scripting (XSS) - Generic
723 Violation of Secure Design Principles
610 Improper Authentication - Generic
416 Cross-Site Request Forgery (CSRF)
415 Cross-site Scripting (XSS) - Stored
357 Denial of Service
324 Cross-site Scripting (XSS) - Reflected
320 Privilege Escalation
314 Memory Corruption - Generic
293 Improper Access Control - Generic
261 Open Redirect
226 Code Injection
198 Business Logic Errors
197 SQL Injection
186 Command Injection - Generic
169 Insecure Direct Object Reference (IDOR)
165 Server-Side Request Forgery (SSRF)
165 Cryptographic Issues - Generic
130 Path Traversal
All Categorized Vulns
Allocation of Resources Without Limits or Throttling
Authentication Bypass Using an Alternate Path or Channel
Cleartext Storage of Sensitive Information
Cleartext Transmission of Sensitive Information
Client-Side Enforcement of Server-Side Security
Cross-Site Request Forgery (CSRF)
Cross-site Scripting (XSS) - DOM
Cross-site Scripting (XSS) - Generic
Cross-site Scripting (XSS) - Reflected
Cross-site Scripting (XSS) - Stored
Cryptographic Issues - Generic
Deserialization of Untrusted Data
Execution with Unnecessary Privileges
Exposed Dangerous Method or Function
Externally Controlled Reference to a Resource in Another Sphere
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
File and Directory Information Exposure
Improper Access Control - Generic
Improper Authentication - Generic
Improper Certificate Validation
Improper Check or Handling of Exceptional Conditions
Improper Export of Android Application Components
Improper Handling of Insufficient Permissions or Privileges
Improper Handling of URL Encoding (Hex Encoding)
Improper Neutralization of Escape, Meta, or Control Sequences
Improper Neutralization of HTTP Headers for Scripting Syntax
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Inadequate Encryption Strength
[Incorrect Calculation of Buffer Size](https://github.com/bminossi/AllVideoPocsFromHackerOne/blob/main/we

