Rapport H1
Intermédiaire
Ceci est unSecOps, AI Summarizationworkflow d'automatisation du domainecontenant 9 nœuds.Utilise principalement des nœuds comme Agent, HttpRequestTool, ChatTrigger, LmChatGoogleGemini. Extraire des insights de sécurité actionnables à partir des rapports HackerOne avec Google Gemini
Prérequis
- •Peut nécessiter les informations d'identification d'authentification de l'API cible
- •Clé API Google Gemini
Nœuds utilisés (9)
Catégorie
Aperçu du workflow
Visualisation des connexions entre les nœuds, avec support du zoom et du déplacement
Exporter le workflow
Copiez la configuration JSON suivante dans n8n pour importer et utiliser ce workflow
{
"id": "GQvrSUkdvgHiSl4W",
"meta": {
"instanceId": "c5257b5cf4d48704d636909c07c4408a69d6799d0a855eab46287eeb702c84b0",
"templateCredsSetupCompleted": true
},
"name": "H1 reports",
"tags": [
{
"id": "B57Byrk0DBYk6h5Q",
"name": "The Herald",
"createdAt": "2025-07-07T03:11:18.909Z",
"updatedAt": "2025-07-07T03:11:18.909Z"
}
],
"nodes": [
{
"id": "bedea6c7-e283-4339-9b7f-dd1d1bcf8016",
"name": "Modèle de chat Google Gemini",
"type": "@n8n/n8n-nodes-langchain.lmChatGoogleGemini",
"position": [
576,
208
],
"parameters": {
"options": {},
"modelName": "models/gemini-2.5-pro"
},
"credentials": {
"googlePalmApi": {
"id": "9X33EcTu2Vxq1AUX",
"name": "Google Gemini(PaLM) Api account"
}
},
"typeVersion": 1
},
{
"id": "ce8f1868-70e3-4b0a-8e6c-6078359b7d9e",
"name": "GET H1 report",
"type": "n8n-nodes-base.httpRequestTool",
"position": [
912,
208
],
"parameters": {
"url": "={{ /*n8n-auto-generated-fromAI-override*/ $fromAI('URL', ``, 'string') }}",
"options": {},
"toolDescription": "Makes a request to \n```\nhttps://hackerone.com/reports/<hackerone-report-id>.json\n```\nexample:\n\nhttps://hackerone.com/reports/312543.json\nhttps://hackerone.com/reports/342543.json"
},
"typeVersion": 4.2
},
{
"id": "0e7065ce-f2aa-416d-9488-dbffa4bb0f67",
"name": "À la réception du message",
"type": "@n8n/n8n-nodes-langchain.chatTrigger",
"position": [
448,
0
],
"webhookId": "0ffa61ef-4e16-43f7-a57b-7e103047dc9f",
"parameters": {
"public": true,
"options": {
"title": "H1 report summarizer",
"subtitle": "",
"customCss": "/* Font Import (place in your <head>) */\n@import url('https://fonts.googleapis.com/css2?family=Inter:wght@400;600&family=Fira+Code&display=swap');\n\n:root {\n /* 🎨 Color Palette - Minimal + Elegant */\n --chat--color-primary: #e74266;\n --chat--color-primary-shade-50: #d63b5d;\n --chat--color-primary-shade-100: #c73352;\n --chat--color-secondary: #20b69e;\n --chat--color-secondary-shade-50: #1ca08a;\n\n --chat--color-white: #ffffff;\n --chat--color-light: #f9fafb;\n --chat--color-light-shade-50: #e5e7eb;\n --chat--color-light-shade-100: #d1d5db;\n --chat--color-medium: #9ca3af;\n --chat--color-dark: #111827;\n --chat--color-muted: #6b7280;\n\n /* Fonts & Sizing */\n --chat--font-family: 'Inter', -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;\n --chat--code-font: 'Fira Code', monospace;\n --chat--font-size: 1rem;\n\n /* Layout & Spacing */\n --chat--spacing: 1rem;\n --chat--border-radius: 0.75rem;\n --chat--transition-duration: 0.25s;\n\n /* Window */\n --chat--window--width: 420px;\n --chat--window--height: 620px;\n --chat--window--box-shadow: 0 12px 32px rgba(0, 0, 0, 0.1);\n\n /* Header */\n --chat--header--background: var(--chat--color-dark);\n --chat--header--color: var(--chat--color-white);\n --chat--heading--font-size: 1.4rem;\n\n /* Message Bubbles */\n --chat--message--font-size: 1rem;\n --chat--message--padding: 0.85rem 1rem;\n --chat--message--border-radius: 0.75rem;\n --chat--message--bot--background: var(--chat--color-white);\n --chat--message--bot--color: var(--chat--color-dark);\n --chat--message--user--background: var(--chat--color-secondary);\n --chat--message--user--color: var(--chat--color-white);\n\n /* Input */\n --chat--input--background: var(--chat--color-white);\n --chat--input--text-color: var(--chat--color-dark);\n --chat--input--border: 1px solid var(--chat--color-light-shade-100);\n --chat--input--border-radius: 0.75rem;\n --chat--input--placeholder: var(--chat--color-muted);\n\n /* Code Blocks */\n --chat--code--background: #111827;\n --chat--code--text: #f9fafb;\n}\n\n/* 🪟 Chat Window */\n.chat-window {\n width: var(--chat--window--width);\n height: var(--chat--window--height);\n background: var(--chat--color-light);\n box-shadow: var(--chat--window--box-shadow);\n border-radius: var(--chat--border-radius);\n display: flex;\n flex-direction: column;\n overflow: hidden;\n font-family: var(--chat--font-family);\n -webkit-font-smoothing: antialiased;\n}\n\n/* 🧠 Header */\n.chat-header {\n background: var(--chat--header--background);\n color: var(--chat--header--color);\n padding: var(--chat--spacing);\n font-size: var(--chat--heading--font-size);\n font-weight: 600;\n border-bottom: 1px solid rgba(255, 255, 255, 0.08);\n}\n\n/* 📜 Message Container */\n.chat-messages {\n flex: 1;\n padding: var(--chat--spacing);\n overflow-y: auto;\n background: var(--chat--color-light);\n}\n\n/* 💬 Message Bubbles */\n.chat-message {\n max-width: 75%;\n padding: var(--chat--message--padding);\n border-radius: var(--chat--message--border-radius);\n margin-bottom: 0.75rem;\n font-size: var(--chat--message--font-size);\n line-height: 1.5;\n box-shadow: 0 2px 4px rgba(0, 0, 0, 0.04);\n word-break: break-word;\n transition: 0.2s ease-in-out;\n}\n\n.chat-message.bot {\n background: var(--chat--message--bot--background);\n color: var(--chat--message--bot--color);\n align-self: flex-start;\n}\n\n.chat-message.user {\n background: var(--chat--message--user--background);\n color: var(--chat--message--user--color);\n align-self: flex-end;\n}\n\n/* 🧑💻 Code Block Styling - Enhanced Visibility */\n.chat-message pre {\n box-sizing: border-box;\n display: block;\n font-family: var(--chat--code-font), monospace;\n font-size: 0.9rem; /* Slightly larger font */\n line-height: 1.6; /* More spacing */\n background: #f8f8f8; /* Dark but not pure black */\n color: #333; /* Light gray for better readability */\n padding: 1rem;\n border-radius: 0.5rem;\n margin-top: 0.75rem;\n white-space: pre-wrap;\n word-break: break-word;\n overflow-x: auto;\n border: 1px solid #ddd; /* Subtle border */\n box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.3);\n}\n\n/* Label above code blocks - More visible */\n.chat-message pre::before {\n content: \"payload\";\n display: block;\n font-size: 0.8rem;\n color: #666;\n margin-bottom: 0.75rem;\n font-weight: 600;\n letter-spacing: 0.5px;\n}\n\n/* Syntax highlighting colors (example) */\n.chat-message pre .keyword { color: #569cd6; } /* Blue for keywords */\n.chat-message pre .string { color: #ce9178; } /* Orange for strings */\n.chat-message pre .comment { color: #6a9955; } /* Green for comments */\n.chat-message pre .number { color: #b5cea8; } /* Light green for numbers */\n\n/* Improved scrollbar */\n.chat-message pre::-webkit-scrollbar {\n height: 8px; /* Thicker scrollbar */\n background-color: #2a2a2a;\n}\n.chat-message pre::-webkit-scrollbar-thumb {\n background: #5a5a5a;\n border-radius: 4px;\n}\n\n/* ✍️ Typing Indicator */\n.chat-typing {\n color: var(--chat--color-muted);\n font-style: italic;\n margin-top: 0.5rem;\n animation: blink 1s infinite;\n}\n@keyframes blink {\n 0%, 100% { opacity: 1; }\n 50% { opacity: 0.4; }\n}\n\n/* ⌨️ Input Footer */\n.chat-input-area {\n display: flex;\n padding: var(--chat--spacing);\n border-top: 1px solid var(--chat--color-light-shade-100);\n background: var(--chat--color-white);\n}\n\n.chat-input {\n flex: 1;\n font-family: var(--chat--font-family);\n font-size: var(--chat--font-size);\n background: var(--chat--input--background);\n color: var(--chat--input--text-color);\n border: var(--chat--input--border);\n border-radius: var(--chat--input--border-radius);\n padding: 0.75rem 1rem;\n}\n.chat-input::placeholder {\n color: var(--chat--input--placeholder);\n}\n\n/* 📤 Send Button */\n.chat-send-btn {\n margin-left: 0.75rem;\n background: var(--chat--color-primary);\n color: var(--chat--color-white);\n border: none;\n border-radius: var(--chat--border-radius);\n padding: 0.75rem 1rem;\n cursor: pointer;\n transition: background 0.2s ease-in-out;\n}\n.chat-send-btn:hover {\n background: var(--chat--color-primary-shade-50);\n}\n\n/* 💝 Attribution Below Header */\n.chat-header::after {\n content: \"Made with ❤️ by ethicxl\";\n display: block;\n text-align: right;\n padding: 0.5rem var(--chat--spacing);\n background: var(--chat--color-dark);\n font-size: 0.75rem;\n color: var(--chat--color-medium);\n font-weight: 400;\n font-family: var(--chat--font-family);\n border-bottom: 1px solid rgba(255, 255, 255, 0.08);\n}\n\n/* Remove the problematic positioning */\n.chat-input-area {\n position: static;\n margin-bottom: 0;\n}"
},
"initialMessages": "Hey!\nSend your report's link down below"
},
"typeVersion": 1.1
},
{
"id": "5f51af95-aa06-43f8-b7c9-c5ff5a4298cb",
"name": "H1 report summarizer",
"type": "@n8n/n8n-nodes-langchain.agent",
"position": [
640,
0
],
"parameters": {
"text": "={{ $json.chatInput }}",
"options": {
"systemMessage": "=You are an expert AI assistant designed for a high-level bug bounty hunter. Your task is to extract and summarize only **unique, high-impact technical insights** from security reports, not general summaries.\n\nTool Calling:\n\n* Before you write anything you must:\n* Call the tool `GET H1 report` exactly once, passing the full URL you received.\n* Parse the returned JSON for report contents (they would be in JSON)\n\nFocus your analysis on:\n- New payloads, edge-case techniques, or chaining methods\n- Root cause analysis with practical pentesting value\n- Workflow insights that save time or increase discovery\n- Snippets that can be reused or adapted (code, diffs, commands)\n- CVSS/impact context only if it reflects real-world exploitation potential\n\nYour tone is concise, factual, and tailored for advanced hunters. Do not include background explanations or definitions.\n\nFormat the output as:\n\n1. **Summary** (1–2 sentence BLUF)\n2. **Techniques**:\n - *Name*: Short tag for the finding (e.g., SSRF via PDF render)\n - *Context*: Where/how the bug was triggered\n - *Technique*: Raw payload, code, diff, or steps\n - *Impact*: What the attacker could achieve\n3. **Pro Tip** (optional): A short insight that can be reused elsewhere\n"
},
"promptType": "define"
},
"typeVersion": 2
},
{
"id": "61f8445f-7789-44ea-8ed8-edd54eba19d7",
"name": "Note adhésive",
"type": "n8n-nodes-base.stickyNote",
"position": [
1168,
-128
],
"parameters": {
"color": 4,
"width": 376,
"height": 208,
"content": "## 🎯 WORKFLOW PURPOSE\n\nConverts HackerOne report URLs into actionable security insights for bug bounty hunters.\n\n**INPUT**: H1 report URL (e.g., hackerone.com/reports/123456.json)\n**OUTPUT**: Structured technical analysis with payloads & techniques"
},
"typeVersion": 1
},
{
"id": "19e3ab93-8027-423d-bc98-5d21eb66db2a",
"name": "Note adhésive1",
"type": "n8n-nodes-base.stickyNote",
"position": [
0,
-32
],
"parameters": {
"width": 352,
"height": 204,
"content": "### 📨 CHAT INTERFACE\n\n**Setup Required**:\n- Deploy webhook publicly\n- Send H1 URLs ending in .json\n- Custom CSS for pentester theme\n\n**Format**: https://hackerone.com/reports/ID"
},
"typeVersion": 1
},
{
"id": "56c29618-9568-4b8c-aeff-81cfb820bd1f",
"name": "Note adhésive2",
"type": "n8n-nodes-base.stickyNote",
"position": [
640,
-288
],
"parameters": {
"width": 268,
"height": 200,
"content": "### 🧠 Main Agent\n\n**Requires**: Google Gemini API key\n\n**Purpose**: \n- Orchestrates analysis workflow\n- Calls HTTP tool automatically\n- Formats output for hunters"
},
"typeVersion": 1
},
{
"id": "3cb80e59-054b-4d8f-8786-e63595b888ec",
"name": "Note adhésive3",
"type": "n8n-nodes-base.stickyNote",
"position": [
320,
352
],
"parameters": {
"width": 248,
"height": 196,
"content": "### 🔧 GEMINI LLM\n\n**Config**: Use gemini-2.5-pro\n**Auth**: Google PaLM API credentials\n\n**Note**: Can substitute with other models if needed"
},
"typeVersion": 1
},
{
"id": "f0e4251b-f830-47a9-8709-63b37472f9ff",
"name": "Note adhésive4",
"type": "n8n-nodes-base.stickyNote",
"position": [
912,
368
],
"parameters": {
"width": 264,
"height": 200,
"content": "### 📡 HTTP FETCHER\n\n**Target**: HackerOne JSON API\n**Method**: GET request\n**Security**: No hardcoded credentials\n\n**Auto-called** by AI agent with URL from chat"
},
"typeVersion": 1
}
],
"active": true,
"pinData": {},
"settings": {
"executionOrder": "v1"
},
"versionId": "8fbd7882-d242-44cd-a45c-ef598ba294d8",
"connections": {
"ce8f1868-70e3-4b0a-8e6c-6078359b7d9e": {
"ai_tool": [
[
{
"node": "5f51af95-aa06-43f8-b7c9-c5ff5a4298cb",
"type": "ai_tool",
"index": 0
}
]
]
},
"5f51af95-aa06-43f8-b7c9-c5ff5a4298cb": {
"main": [
[]
]
},
"Google Gemini Chat Model": {
"ai_languageModel": [
[
{
"node": "5f51af95-aa06-43f8-b7c9-c5ff5a4298cb",
"type": "ai_languageModel",
"index": 0
}
]
]
},
"When chat message received": {
"main": [
[
{
"node": "5f51af95-aa06-43f8-b7c9-c5ff5a4298cb",
"type": "main",
"index": 0
}
]
]
}
}
}Foire aux questions
Comment utiliser ce workflow ?
Copiez le code de configuration JSON ci-dessus, créez un nouveau workflow dans votre instance n8n et sélectionnez "Importer depuis le JSON", collez la configuration et modifiez les paramètres d'authentification selon vos besoins.
Dans quelles scénarios ce workflow est-il adapté ?
Intermédiaire - Opérations de sécurité, Résumé IA
Est-ce payant ?
Ce workflow est entièrement gratuit et peut être utilisé directement. Veuillez noter que les services tiers utilisés dans le workflow (comme l'API OpenAI) peuvent nécessiter un paiement de votre part.
Workflows recommandés
注重隐私de路由器:增强型PII检测flux de travail
AI隐私保护路由器:PII检测,保障隐私、安全et合规性
Code
Switch
Agent
+
Code
Switch
Agent
20 NœudsCharles
Opérations de sécurité
Détecteur de réservations frauduleuses : identification de transactions de voyage suspects avec l'IA
Détecteur de réservations frauduleuses : identification des transactions de voyage suspectes avec Google Gemini
If
Set
Code
+
If
Set
Code
20 NœudsOneclick AI Squad
Opérations de sécurité
De données non structurées à des données structurées
Plan d'action : traitement des sources de messagerie et tableaux de données avec des modèles OpenAI
Data Table
Gmail Trigger
Data Table Tool
+
Data Table
Gmail Trigger
Data Table Tool
16 NœudsDavide
Extraction de documents
Notification des comptes-rendus de réunions
Utiliser Gemini AI et les notifications Slack pour automatiser le résumé des notes de réunion
Set
Code
Slack
+
Set
Code
Slack
16 NœudsSayone Technologies
Résumé IA
Bulletin hebdomadaire sur les films de Hollywood automatisé avec Tavily et Gemini
Bulletin hebdomadaire sur les films d'Hollywood automatisé avec Tavily et Gemini
Gmail
Agent
Http Request Tool
+
Gmail
Agent
Http Request Tool
11 NœudsManav Desai
Réseaux sociaux
Automatisation de l'extraction de métadonnées et de variables de papiers académiques, de Gemini vers Google Sheets
Automatisation de l'extraction de métadonnées et de variables d'articles académiques, de Gemini vers Google Sheets
Set
Code
Wait
+
Set
Code
Wait
39 NœudsOwenLee
Extraction de documents
Informations sur le workflow
Niveau de difficulté
Intermédiaire
Nombre de nœuds9
Catégorie2
Types de nœuds5
Description de la difficulté
Auteur
Liens externes
Voir sur n8n.io →
Partager ce workflow