
WhatsApp bot that checks for new submissions on the huntr.dev platform.


HuntrBot

WhatsApp bot for huntr.dev bug notification


Huntr.dev is a platform for finding and fixing open-source vulnerabilities: you log in with your GitHub account, choose a program and start fixing. HuntrBot is a WhatsApp bot that checks for new submissions added to the huntr platform.

Made using the Twilio API for WhatsApp and the Flask framework for Python, hosted on Heroku.

You can either use the app hosted on Heroku (https://huntr-bot.herokuapp.com/), or clone the repo and host it somewhere else. You will need a Twilio account and an active WhatsApp sandbox for the bot to work.

Usage:

  • all - returns all the bugs/vulnerable packages currently active.
  • new - returns only the new submissions made on the current day.
  • python - returns all bounties in Python.
  • js - returns all bounties in JavaScript.
  • ruby - returns all bounties in Ruby.
  • php - returns all bounties in PHP.

Setup:

  • Connect your WhatsApp to the Twilio WhatsApp sandbox: From your Twilio Console, select Programmable Messaging, then click on "Try it Out" and finally click on Try WhatsApp. The WhatsApp sandbox page will show you the sandbox number assigned to your account, and a join code.

  • To enable the WhatsApp sandbox for your smartphone send a WhatsApp message with the given code to the number assigned to your account. The code is going to begin with the word join, followed by a randomly generated two-word phrase. Shortly after you send the message you should receive a reply from Twilio indicating that your mobile number is connected to the sandbox and can start sending and receiving messages.

  • To deploy the Flask app to Heroku, see this article: https://devcenter.heroku.com/articles/git

  • After generating a public app URL, go back to the Twilio Console, click on Programmable Messaging, then on Settings, and finally on WhatsApp Sandbox Settings. Copy the https:// URL of the Heroku app, paste it into the “When a message comes in” field, and append the /bot endpoint. Make sure the request method is set to HTTP POST.
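
The /bot URL configured in the last step is reachable by anyone who knows it, and Twilio signs each webhook request so the app can confirm the sender. The following is an added example, not code from the HuntrBot repository: it implements Twilio's documented X-Twilio-Signature check with the standard library. The handle_bot_post helper, the token and the URL are hypothetical, and it assumes the message text arrives in the Body parameter.

```python
import base64
import hashlib
import hmac

# Commands listed in the Usage section of this README.
COMMANDS = {"all", "new", "python", "js", "ruby", "php"}


def twilio_signature(auth_token: str, url: str, params: dict) -> str:
    """Compute the value Twilio sends in X-Twilio-Signature for a POST webhook.

    Twilio's documented scheme: the full webhook URL followed by every POST
    parameter name and value (sorted by name, no delimiters), signed with
    HMAC-SHA1 keyed by the account auth token, then base64-encoded.
    """
    data = url + "".join(k + params[k] for k in sorted(params))
    digest = hmac.new(auth_token.encode(), data.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()


def handle_bot_post(auth_token: str, public_url: str, headers: dict, form: dict):
    """Return (http_status, command) for a POST to the /bot endpoint.

    public_url must be the exact URL entered in the Twilio console; behind a
    proxy such as Heroku's router the URL the app sees can differ from it.
    """
    sent = headers.get("X-Twilio-Signature", "")
    expected = twilio_signature(auth_token, public_url, form)
    # Constant-time comparison avoids leaking how many characters matched.
    if not hmac.compare_digest(sent.encode(), expected.encode()):
        return 403, None
    command = form.get("Body", "").strip().lower()
    if command not in COMMANDS:
        return 200, None  # authentic message, but not a known command
    return 200, command


# Constructed sample request (token, URL and phone number are made up).
TOKEN = "example-auth-token"
URL = "https://example-app.invalid/bot"
FORM = {"From": "whatsapp:+10000000000", "Body": "new"}

if __name__ == "__main__":
    good = {"X-Twilio-Signature": twilio_signature(TOKEN, URL, FORM)}
    print(handle_bot_post(TOKEN, URL, good, FORM))               # signed request
    print(handle_bot_post(TOKEN, URL, {}, FORM))                 # no signature
    print(handle_bot_post(TOKEN, URL, good, dict(FORM, Body="all")))  # body changed
```

In the Flask app, the /bot view would pass request.headers and request.form.to_dict() to this helper and return the 403 before doing any work.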

If you are running the bot locally:

$ python bot.py
 * Serving Flask app "bot" (lazy loading)
 * Environment: production
   WARNING: This is a development server. Do not use it in a production deployment.
   Use a production WSGI server instead.
 * Debug mode: off
 * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)

Happy Hunting!

✨🍰