h1-brain

Overview

h1-brain is an MCP server that bridges AI assistants with HackerOne's bug bounty platform. It synchronizes your personal bug bounty history, program scopes, and report details into a local SQLite database, providing tools for searching and analyzing your past work. The server includes a pre-built database of 3,600+ publicly disclosed bounty-awarded reports from the HackerOne community. Its primary tool, `hack(handle)`, generates comprehensive attack briefings by combining fresh scopes from the API, your past findings, public disclosures, weakness patterns, and suggested attack vectors.

Try asking AI

After installing, here are 6 things you can ask your AI assistant:

• hackhack(handle)

  Generates a full hacking session briefing with scope, past findings, public reports, and attack vectors

  Try:Generate a hacking briefing for program exampleCorpTry:Attack plan for handle=acme-corpTry:Hack target: tech-company-prod
• search_reportssearch_reports(query, program, weakness, severity, limit)

  Search your personal rewarded reports by various criteria

  Try:Find my reports with XSS vulnerabilitiesTry:Show me high severity reports from exampleCorpTry:Search for SQLi reports with bounty > $1000
• get_reportget_report(report_id)

  Retrieve full details of your specific reward report

  Try:Get report ID 12345 detailsTry:Show me the full report for 98765Try:Retrieve report with ID 54321
• get_report_summaryget_report_summary()

  Get summary of all your reports grouped by program

  Try:Show my report summaryTry:How much have I earned total?Try:List all my programs and report counts
• search_programssearch_programs(query, bounty_only, limit)

  Search your accessible programs on HackerOne

  Try:Show all my programs with bountiesTry:Find programs matching techTry:List programs with active bounties
• search_scopessearch_scopes(program, asset, bounty_only, limit)

  Search in-scope assets across your programs

  Try:Show bounty-eligible assets for exampleCorpTry:Find scope assets with hostname apiTry:List all assets in program with handle=acme
• fetch_attachmentfetch_attachment(report_id, attachment_id?)

  Get fresh download URLs for report attachments

  Try:Get attachments for report 12345Try:Download attachment 678 from report 54321Try:Fetch all attachments from report 98765
• search_disclosed_reportssearch_disclosed_reports(query, program, weakness, limit)

  Search public disclosed reports across all programs

  Try:Find public reports about XSS in bankingTry:Show disclosed reports for acme-corpTry:Search public reports for SSRF vulnerabilities
• get_disclosed_reportget_disclosed_report(report_id)

  Retrieve full details of a specific public disclosed report

  Try:Get public report 11111 detailsTry:Show me the full disclosed report 22222Try:Retrieve public disclosure 33333
• fetch_rewarded_reportsfetch_rewarded_reports()

  Sync all your bounty-awarded reports from HackerOne API

  Try:Update all my bounty reportsTry:Fetch latest rewarded reportsTry:Sync my reports from HackerOne
• fetch_programsfetch_programs()

  Sync all your accessible programs from HackerOne API

  Try:Update my program listTry:Fetch all my programsTry:Sync available programs from HackerOne
• fetch_program_scopesfetch_program_scopes(handle)

  Sync program scopes from HackerOne API (auto-called by hack)

  Try:Update scopes for program exampleCorpTry:Fetch scope for handle=acmeTry:Get latest scope for tech-company

Comparable tools

Installation

git clone https://github.com/PatrikFehrenbach/h1-brain.git
cd h1-brain
python -m venv venv
source venv/bin/activate
pip install -r requirements.txt

{
  "mcpServers": {
    "h1-brain": {
      "command": "/path/to/h1-brain/venv/bin/python",
      "args": ["/path/to/h1-brain/server.py"],
      "env": {
        "H1_USERNAME": "your_hackerone_username",
        "H1_API_TOKEN": "your_api_token"
      }
    }
  }
}

FAQ

What data does h1-brain access from HackerOne?

h1-brain accesses your bounty-awarded reports, programs you have access to, and program scopes. It also includes a pre-built database of 3,600+ public disclosed bounty reports.

Do I need a HackerOne account to use this?

Yes, you need a HackerOne account with API access to sync your personal data. The public reports database is included with the server.

Compare h1-brain with