### Install IBB from Git repository Source: https://github.com/infosec-us-team/ibb/blob/main/README.md Clone the repository and use this command to install IBB locally. Ensure you have Rust and Cargo installed. ```sh git clone https://github.com/infosec-us-team/ibb cd ibb cargo install --path . ``` -------------------------------- ### Install IBB from crates.io Source: https://github.com/infosec-us-team/ibb/blob/main/README.md Use this command to install the IBB binary if you have Rust and Cargo set up. The binary will be placed in your CARGO_INSTALL_ROOT. ```sh cargo install ibb ``` -------------------------------- ### Pretty-print Program Data with jq and less Source: https://context7.com/infosec-us-team/ibb/llms.txt Use this command to pretty-print all program data and pipe it through a pager for easier viewing. Requires `jq` and `less` to be installed. ```sh ibb 0x | jq '.' | less ``` -------------------------------- ### List All Programs with IBB Source: https://github.com/infosec-us-team/ibb/blob/main/README.md Use this command to get a list of all available bug bounty programs. The output is a JSON array of program names. ```sh > ibb ["layerzero", "stargate", "sky", "sparklend", "reserve"... ``` -------------------------------- ### Filter Program Fields with Nested Fields using IBB Source: https://github.com/infosec-us-team/ibb/blob/main/README.md Further refine your search by chaining multiple nested fields to filter the output precisely. This example shows how to get the 'title' of 'bounty impacts' for a program. ```sh > ibb moonbeamnetwork bounty impacts title [ "DoS of greater than 10% but less than 30% of validator or miner nodes and does not shut down the network", "An exploit underpricing transaction fees relative to computation time", "Framing sensitive pages leading to financial loss (ClickJacking)", "Any impact involving a publicly released CVE without a working PoC", "An attack causing an unintended chain split (Network partition)", "An attack causing transient consensus failures; which recover without manual intervention", "Spoofing content on the target application (Persistent)", "Users Confidential information disclosure such as Email", "Privilege escalation to access unauthorized functionalities", "Taking down the application/website", "An attack causing high compute consumption by validator/mining nodes", "Attacks that are limited to thin clients and cannot be exploited against full nodes", "DoS of greater than 30% of validator or miner nodes and does not shut down the network", "An attack causing an RPC API crash", "Changing details of other users without direct financial impact (CSRF)", "Third-Party API keys leakage that demonstrates loss of funds or modification on the website", "Redirecting users to malicious websites (open redirect)", "A bug in layer 1 blockchain code resulting in unintended smart contract behavior (no concrete funds at risk)", "An attack triggering the network not being able to confirm new transactions (Total network shutdown)", "An attack causing an unintended permanent chain split requiring hard fork (Network partition requiring hard fork)", "An attack causing direct loss of funds", "An attack causing permanent freezing of funds (fix requires hardfork)", "An attack causing the minting/creation of network utility tokens (MOVR/GLMR) outside of the normal, on-chain inflation mechanism", "Ability to execute system commands", "Extract Sensitive data/files from the server such as /etc/passwd", "Stealing User Cookies", "Signing transactions for other users", "Redirection of user deposits and withdrawals", "Wallet interaction modification resulting in financial loss", "Subdomain takeover resulting in financial loss (applicable for subdomains with addresses published)", "Direct theft of user funds", "Tampering with transactions submitted to the user’s wallet", "Submitting malicious transactions to an already-connected wallet" ] ``` -------------------------------- ### Extract and Sort Bounty Impact Titles Source: https://context7.com/infosec-us-team/ibb/llms.txt This command extracts all bounty impact titles for a given program and sorts them alphabetically. Ensure `jq` is installed for sorting. ```sh ibb moonbeamnetwork bounty impacts title | jq 'sort' ``` -------------------------------- ### Get Full Bug Bounty Program Details Source: https://context7.com/infosec-us-team/ibb/llms.txt Provide a program slug as the first argument to retrieve the complete JSON object for that bug bounty program. This includes all metadata, assets, and bounty tiers. ```sh ibb moonbeamnetwork # Expected output (truncated): { "id": 1234, "slug": "moonbeamnetwork", "name": "Moonbeam Network", "maxBounty": 1000000, "assets": [...], "bounty": {...}, "programDocumentations": [...], ... } ``` -------------------------------- ### List All Bug Bounty Program Slugs Source: https://context7.com/infosec-us-team/ibb/llms.txt Run `ibb` with no arguments to fetch a JSON array of all program slugs. These slugs are identifiers for subsequent queries. ```sh ibb # Expected output: ["layerzero", "stargate", "sky", "sparklend", "reserve", "moonbeamnetwork", "0x", ...] ``` -------------------------------- ### Find Program Documentation Recursively with IBB Source: https://github.com/infosec-us-team/ibb/blob/main/README.md Recursively search for any field, such as 'programDocumentations', across all programs. This is useful for finding specific types of information like documentation URLs. ```sh > ibb 0x programDocumentations [ { "createdAt": "2024-10-25T14:41:27.620Z", "description": "Program Documentation", "id": 51, "programId": 2249, "title": "0x Documentation", "updatedAt": "2024-10-25T14:41:27.620Z", "url": "https://0x.org/docs/" }, { "createdAt": "2024-10-25T14:43:28.812Z", "description": "Further Documentation", "id": 52, "programId": 2249, "title": "0x Documentation", "updatedAt": "2024-10-25T14:43:28.812Z", "url": "https://0x.org/docs/developer-resources/settler" } ] ``` -------------------------------- ### Query Program Documentation Links Source: https://context7.com/infosec-us-team/ibb/llms.txt Access the `programDocumentations` field to retrieve all documentation entries, including their titles, URLs, and timestamps. ```sh ibb 0x programDocumentations # Expected output: [ { "createdAt": "2024-10-25T14:41:27.620Z", "description": "Program Documentation", "id": 51, "programId": 2249, "title": "0x Documentation", "updatedAt": "2024-10-25T14:41:27.620Z", "url": "https://0x.org/docs/" }, { "createdAt": "2024-10-25T14:43:28.620Z", "description": "Further Documentation", "id": 52, "programId": 2249, "title": "0x Documentation", "updatedAt": "2024-10-25T14:43:28.620Z", "url": "https://0x.org/docs/developer-resources/settler" } ] ``` -------------------------------- ### Show Details for a Specific Program with IBB Source: https://github.com/infosec-us-team/ibb/blob/main/README.md Retrieve detailed information for a single bug bounty program by specifying its name. The output is a JSON object containing all program details. ```sh > ibb moonbeamnetwork #...a JSON object with all details will be printed ``` -------------------------------- ### Pipe Output into Other CLI Tools Source: https://context7.com/infosec-us-team/ibb/llms.txt Leverage `ibb`'s valid JSON output for seamless integration with standard Unix tools like `jq` for further processing and analysis. ```sh # Count the number of in-scope assets for a program ibb moonbeamnetwork assets url | jq 'length' # Search all program slugs for those containing "defi" ibb | jq '.[] | select(test("defi"))' ``` -------------------------------- ### Filter Program Details by Field with IBB Source: https://github.com/infosec-us-team/ibb/blob/main/README.md Filter the output for a specific program by requesting details for a particular field, such as 'assets' or 'urls'. You can also specify nested fields. ```sh > ibb moonbeamnetwork assets [ { "addedAt": "2022-04-20T20:27:06.665Z", "description": "Blockchain - Moonbeam", "id": "5Uv4I8GXpfWeu9SX6b5Jhz", "isPrimacyOfImpact": null, "isSafeHarbor": null, "type": "blockchain_dlt", "url": "https://github.com/PureStake/moonbeam" }, #... more JSON objects here ``` ```sh > ibb moonbeamnetwork assets url [ "https://github.com/PureStake/moonbeam", "https://github.com/PureStake/nimbus", "https://github.com/PureStake/crowdloan-rewards", "https://github.com/paritytech/frontier", "https://github.com/ethereum-lists/chains/blob/master/_data/chains/eip155-1285.json", "https://github.com/ethereum-lists/chains/blob/master/_data/chains/eip155-1287.json", "https://github.com/ethereum-lists/chains/blob/master/_data/chains/eip155-1287.json", "https://apps.moonbeam.network", "https://crowdloan.moonbeam.foundation/", "https://moonbeam.network/", "https://moonbeam.foundation/" ] ``` -------------------------------- ### Save Asset URLs to a File Source: https://context7.com/infosec-us-team/ibb/llms.txt Redirect the output of this command to save all asset URLs for a specific program to a JSON file. This is useful for offline analysis or integration into other tools. ```sh ibb stargate assets url > stargate_assets.json ``` -------------------------------- ### Filter by Top-Level Field Source: https://context7.com/infosec-us-team/ibb/llms.txt Specify a field name after the program slug to extract only that field's data. If the field is an object, it will be wrapped in an array. ```sh ibb moonbeamnetwork assets # Expected output: [ { "addedAt": "2022-04-20T20:27:06.665Z", "description": "Blockchain - Moonbeam", "id": "5Uv4I8GXpfWeu9SX6b5Jhz", "isPrimacyOfImpact": null, "isSafeHarbor": null, "type": "blockchain_dlt", "url": "https://github.com/PureStake/moonbeam" }, { "addedAt": "2022-05-10T10:00:00.000Z", "description": "Blockchain - Nimbus", "id": "7Xk2J9MqrTwBv3SY5c8Kpn", "type": "blockchain_dlt", "url": "https://github.com/PureStake/nimbus" } ] ``` -------------------------------- ### Deep Nested Field Traversal Source: https://context7.com/infosec-us-team/ibb/llms.txt Chain multiple nested field arguments to drill arbitrarily deep into the JSON structure. The tool recursively searches and collects matching values from all levels of nesting. ```sh ibb moonbeamnetwork bounty impacts title # Expected output: [ "DoS of greater than 10% but less than 30% of validator or miner nodes and does not shut down the network", "An exploit underpricing transaction fees relative to computation time", "An attack causing direct loss of funds", "An attack causing permanent freezing of funds (fix requires hardfork)", "Direct theft of user funds", "Tampering with transactions submitted to the user's wallet", "Submitting malicious transactions to an already-connected wallet", ... ] ``` -------------------------------- ### Extract Nested Field from Top-Level Field Source: https://context7.com/infosec-us-team/ibb/llms.txt Chain additional field names to recursively traverse the JSON structure and collect matching values. This is useful for extracting a single property from each object within an array. ```sh ibb moonbeamnetwork assets url # Expected output: [ "https://github.com/PureStake/moonbeam", "https://github.com/PureStake/nimbus", "https://github.com/PureStake/crowdloan-rewards", "https://github.com/paritytech/frontier", "https://apps.moonbeam.network", "https://moonbeam.network/", "https://moonbeam.foundation/" ] ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.