Javier Rieiro
I’m Javier Rieiro, a hacker pushing the limits of no-code automation in cybersecurity. Here I show how I use n8n to transform bug bounty and pentesting automating reconnaissance, analysis, and reporting with custom workflows. If you want to see how no code meets offensive security, you’re in the right place.
Templates by Javier Rieiro
Automated CVE scanning of Bug Bounty programs with Nuclei and Project Discovery
Description Automates daily CVE-driven scanning against bug bounty scopes. It fetches bug-bounty domains, pulls newly published Project Discovery templates, converts them to Nuclei rules, runs targeted scans, and emails findings. Objective Help security researchers and bug bounty hunters discover exploitable instances quickly by automatically running the latest public templates from Project Discovery against a consolidated bug-bounty scope. Reduce manual steps and maintain continuous reconnaissance. How it works The workflow accepts or fetches a domain list that covers HackerOne, Bugcrowd, Intigriti, and YesWeHack. It downloads the latest public templates from Project Discovery. For each new template published since the last run it: creates a file, uploads it to a remote host, and converts it to a Nuclei-compatible YAML. It uploads a consolidated domains wordlist to the remote host. It executes Nuclei with the new templates against the domains list using configured flags (concurrency, rate limits, severity tags). It collects and deduplicates Nuclei output. If results exist, it sends the findings via Gmail. Requirements • SSH access (root or equivalent) to a VPS or host. • Nuclei installed on the remote host. • Gmail OAuth2 credentials for sending notifications. • Recommended: VPS with enough CPU and network capacity for concurrent scanning when scope is large.
By Javier RieiroScan single URLs for security vulnerabilities with GPT-4 (JS, PHP, Python)
Overview This workflow automates static security analysis for JavaScript, PHP, and Python codebases. It’s designed for bug bounty hunters and security researchers who need fast, structured, and AI-assisted vulnerability detection across multiple sources. --- Features 🤖 AI-Powered Analysis: Specialized agents for each language: AI JavaScript Expert AI PHP Expert AI Python Expert Each agent detects only exploitable vulnerabilities (AST + regex heuristics). Returns strict JSON with: json { "results": [ { "url": "file or URL", "code": "lines + snippet", "severity": "medium|high|critical", "vuln": "vulnerability type" } ] } 🧩 Post-Processing: Cleans, formats, and validates JSON results. Generates HTML tables with clear styling for quick visualization. --- Output ✅ JSON vulnerability reports per file. 📊 HTML table summaries grouped by language and severity. --- Usage Import the workflow into n8n. Configure credentials: OpenAI API key GitHub API Key Google Drive API Key Run via the provided webhook form. Select analysis mode and input target. View structured vulnerability reports directly in n8n or Google Drive. --- Notes Performs static analysis only (no code execution). Detects exploitable findings only; ignores low-impact issues. ---
By Javier RieiroAutomate CVE detection with AI-powered Nuclei template generation & Google Drive
Short description Automates collection, technical extraction, and automatic generation of Nuclei templates from public CVE PoCs. Converts verified PoCs into reproducible detection templates ready for testing and distribution. Purpose Provide a reliable pipeline that turns public proof-of-concept data into usable detection artifacts. Reduce manual work involved in finding PoCs, extracting exploit details, validating sources, and building Nuclei templates. How it works (technical summary) Runs a scheduled SSH job that executes vulnx with filters for recent, high-severity PoCs. Parses the raw vulnx output and splits it into individual CVE entries. Extracts structured fields: CVE ID, severity, title, summary, risk, remediation, affected products, POCs, and references. Extracts URLs from PoC sections using regex. Validates each URL with HTTP requests. Invalid or unreachable links are logged and skipped. Uses an AI agent (OpenAI via LangChain) to extract technical artifacts: exploit steps, payloads, endpoints, raw HTTP requests/responses, parameters, and reproduction notes. The prompt forces technical-only output. Sends the extracted technical content to ProjectDiscovery Cloud API to generate Nuclei templates. Validates AI and API responses. Accepted templates are saved to a configured Google Drive folder. Produces JSON records and logs for each processed CVE and URL. Output Nuclei templates in ProjectDiscovery format (YAML) stored in Google Drive. Structured JSON per CVE with metadata and extracted technical details. Validation logs for URL checks, AI extraction, and template generation. Intended audience Bug bounty hunters. Security researchers and threat intel teams. Automation engineers who need reproducible detection templates. Setup & requirements n8n instance with workflow imported. SSH access to a host with vulnx installed. OpenAI API key for technical extraction. ProjectDiscovery API key for template generation. Google Drive OAuth2 credentials for storing templates. Configure schedule trigger and target Google Drive folder ID. Security and usage notes Performs static extraction and validation only. No active exploitation. Processes only PoCs that meet configured filters (e.g., CVSS > 6). Use responsibly. Do not target systems you do not own or have explicit permission to test.
By Javier Rieiro