Automating Bug Bounty with N8n

Summary

I was recently introduced to an automation tool called n8n (read nodemation). It’s a no-code automation platform that uses nodes to build workflows and seamlessly integrates with AI. What sets n8n apart from many other automation tools is that it’s open-source, can be self-hosted, and offers nearly limitless integration options.While this tool is great for all sorts of automation I wanted to focus on using n8n to automate some of the repetitive steps during bug bounties. There were 3 steps of the enumeration process that we needed to automate: Subdomain enumeration, directory enumeration, and screenshot capture.Another goal of this project was to allow for ease of use and collaboration so instead of running everything in the n8n platform I decided to execute everything from a discord bot and print all the results to a channel.I have separated this article into 5 different sections. We will create the n8n server, then create the working server, setup the n8n workflows, reviewing the bash scripts for automation, and setting up the Discord Bot.Creating the n8n server:To get started we needed to find a place to host our instance of n8n. I already use a Digital Ocean instance to do most of my bug bounty work so I decided to just start a new instance for n8n.Under Choose an image select Marketplace and search “Docker”. Select Docker latest on Ubuntu. Because we are just running basic commands we don’t need anything fancy. The cheapest option will work just fine. Note: At this point you can run n8n just like this but because we are connecting this to Discord we need a domain so we can make the connection.Purchase a domain from any of the major domain providers. Hostgator, Cheapname, Dreamhost, or GoDaddy are all great options.Point your domain name to the IP address of your Digital Ocean instance. In this example I used Cloudflare and just made an A record that points to the IP of my Digital Ocean n8n instance. After a few hours everything should propagate and you should b...