h1-brain

Author: PatrikFehrenbach · PatrikFehrenbach/h1-brain

AI-powered bug bounty assistant — synthesizes your HackerOne history with 3,600+ disclosed reports to generate attack briefings.

h1-brain is an MCP server that connects AI assistants to HackerOne's bug bounty platform. It maintains dual databases: your personal bounty history (rewarded reports, program scopes) and 3,600+ publicly disclosed reports. The hack(handle) tool generates comprehensive attack briefings combining scope, past findings, weakness patterns, and untouched assets.

Why use it

Key features


Installation

Choose your client

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "h1-brain": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/PatrikFehrenbach/h1-brain"
      ]
    }
  }
}

Open Claude Desktop → Settings → Developer → Edit Config. Restart the app after saving.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "h1-brain": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/PatrikFehrenbach/h1-brain"
      ]
    }
  }
}

Cursor uses the same mcpServers schema as Claude Desktop. Project-level config takes precedence over the global one.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "h1-brain": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/PatrikFehrenbach/h1-brain"
      ]
    }
  }
}

Click the MCP Servers icon in the Cline sidebar and choose "Edit Configuration".

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "h1-brain": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/PatrikFehrenbach/h1-brain"
      ]
    }
  }
}

Same format as Claude Desktop. Restart Windsurf to apply the change.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "h1-brain",
      "command": "TODO",
      "args": [
        "See README: https://github.com/PatrikFehrenbach/h1-brain"
      ]
    }
  ]
}

Continue uses an array of server objects rather than a map.

~/.config/zed/settings.json
{
  "context_servers": {
    "h1-brain": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/PatrikFehrenbach/h1-brain"
        ]
      }
    }
  }
}

Add the entry under context_servers. Zed hot-reloads the config on save.

claude mcp add h1-brain -- TODO 'See README: https://github.com/PatrikFehrenbach/h1-brain'

One-liner. Verify with claude mcp list; remove with claude mcp remove.

Use cases

Practical uses of h1-brain

Generate an attack briefing for an authorized bug bounty program

Audience: Bug bounty hunters working on authorized HackerOne programs · Time: ~15 min · Level: intermediate

When to use: You're starting work on a new bug bounty target and want a strategic overview.

Prerequisites
  • HackerOne API token — Generate at hackerone.com/settings/api_token
  • h1-brain installed and databases populated — Clone, install, run fetch_rewarded_reports to populate personal DB
Steps
  1. Generate the briefing
    hack('target-company') — Generate a full attack briefing for this program.
    → Comprehensive briefing with scope, known weakness patterns, untouched assets, and suggested attack vectors
  2. Cross-reference with disclosures
    Search disclosed reports for this company. What vulnerability types have been found before?
    → List of disclosed vulnerabilities with types and bounty amounts

Outcome: A strategic attack plan based on historical data and current scope.

Caveats
  • Stale scope data — The tool fetches fresh scope from HackerOne API, but verify on the program page

Analyze your bug bounty track record to find your strengths

Audience: Bug bounty hunters optimizing their approach · Time: ~20 min · Level: beginner

When to use: You want to understand which vulnerability types and programs earn you the most bounties.

Prerequisites
  • Personal database populated — Run fetch_rewarded_reports to sync your history
Steps
  1. Review your history
    Search my rewarded reports. Group them by vulnerability type and show the total bounty per type.
    → Breakdown of earnings by vulnerability category
  2. Identify patterns
    Which programs am I most successful on? What do they have in common?
    → Pattern analysis across your most rewarded programs

Outcome: Insight into your strengths so you can focus future hunting efforts.

Caveats
  • Old reports may not reflect current program scope — Re-fetch program scopes to get current assets

Combinations

Combine with other MCPs for 10x the power

h1-brain + filesystem

Save attack briefings and reports to organized files for each program

Generate an attack briefing for target-company and save it as ~/bounty/target-company/briefing.md.

Tools

What this MCP provides

Tool | Input | When to call | Cost
hack | handle: str | Generate a comprehensive attack briefing for a HackerOne program | Multiple API calls
search_reports | query?: str | Search your personal rewarded reports | 0 (local DB)
search_disclosed_reports | query?: str | Search across 3,600+ public disclosures | 0 (local DB)
search_programs | query?: str | Search bug bounty programs | 0 (local DB)
fetch_rewarded_reports | none | Sync your HackerOne rewarded reports to the local DB | Multiple API calls

Costs and limits

Operating costs

API quota
HackerOne API rate limits apply during sync and scope fetching
Tokens per call
500–3000 tokens per briefing
Price
Free — HackerOne API access is free with your account
Tip
Populate the local databases once; after that, queries are free and instant. Re-sync periodically.

Security

Permissions, secrets, and blast radius

Minimum scope: HackerOne API token with read access
Credential storage: API token in an environment variable or the Claude Desktop config
Data destinations: API calls to HackerOne during sync and scope fetching. Local DB queries make no network calls.

Troubleshooting

Common errors and fixes

Empty personal database

Run fetch_rewarded_reports first to populate your local database from HackerOne.

Check: Confirm that the h1_data.db file exists and contains data
HackerOne API authentication failed

Verify your API token is valid and hasn't expired. Generate a new one at hackerone.com/settings/api_token.

Check: curl -H 'Authorization: ...' https://api.hackerone.com/v1/me
hack() returns empty briefing

The program handle may be incorrect. Search for the exact handle on HackerOne's directory.

Check: Use search_programs to find the correct handle

Alternatives

h1-brain compared with others

Alternative | When to use it instead | Trade-off
hexstrike-ai | You need active security scanning tools rather than HackerOne-specific intelligence | Broader tool coverage, but no HackerOne integration or report history

Other

Resources

📖 Read the official README on GitHub

🐙 View open issues
