Bug Bounty Automation with n8n Ep. 2

Hello again for the second episode of this series focusing on automating some processes in bug bounty using n8n workflows.

The workflow I'll show you here is more of a "standalone" workflow similar to the first article of the series (Link to it). In the following articles, I'll get more into workflows that you can combine together like Legos or whatever toys you were playing as a kid.

While doing some bug bounty, I was always finding myself refreshing the couple platforms I am using, hoping a new program would pop up and well, most of the time, the furthest I am from my computer, the more chance a new program appears. I started using occasionally https://bbradar.io/ which is doing a good job at listing programs on many different platforms. However, I wanted to receive a custom notification and figured I could do that for free with n8n, which is what I am showing in this article.

Note on AI:_ I'm not including any AI on purpose in the workflow I present. I feel like there is already enough content related to AI & Bug Bounty and it does a bit a disservice to the domain. But feel free to integrate some AI in your workflows, smartly ;)_

Why is it important to monitor new programs on your platform(s) of choice?

While it is not mandatory to start hunting at the minute a new program pops up, Bug Bounty works in a way that the first person raising the issue is the one getting paid. In order to reduce the chance of getting duplicates (or dups as some call them), I feel like it's quite useful putting in those couple of extra hours early after a program is released. Some more complicated issues will still require more time, but you might be able to get a couple of quick wins! Now let's see the actual workflow.

The n8n Workflow

Here is how it works:

1. Trigger: The workflow starts either:

• Automatically on a recurring schedule, or
• Manually on demand.

2. Parallel data fetching: Two sources are queried simultaneously, can be via a JSON API or via HTML page scraping.

3. Parsing: Each response is normalised into a common schema containing a name, unique ID, source platform, URL, visibility status, and timestamp.

4. Merge: Both parsed streams are combined into a single list.

5. Filter: Each item is checked for validity:

• Pass: item is real and publicly visible → continues downstream.
• Fail: item is a placeholder or private → discarded.

6. Upsert to data table: Valid items are inserted or updated in a data table, keyed by unique ID and source. New items receive a creation timestamp; existing ones are refreshed.

7. Detect new items: Each stored record is checked: if it was just created (creation and update timestamps are nearly identical), it is flagged as new and collected for reporting.

8. Build summary message: Once all branches have completed, a formatted alert message is assembled listing all newly detected items. If nothing is new, the flow stops here.

9. Initialization gate: A flag controls whether an alert should actually be sent, suppressing notifications on the very first run to avoid a flood of false positives.

10. Send alert: The summary message is dispatched to a Telegram channel.

So when a new program appears, I receive a notification mentioning the name of the new program and the link to the platform.

You might be wondering how I am sure that my recurring workflow didn't run into an error?

Bonus Workflow: Workflow Error Notification

A quick bonus: when running recurring workflows you don't actively monitor, it's useful to have something notify you when things go wrong. It is quite a simple workflow with an Error Trigger:

And then, in the recurring workflow, you can go in the settings and select this workflow to execute when in error.

Conclusion

That's it for this one. The workflow runs quietly in the background and pings me whenever something new shows up. I'm also planning to add scope/description change monitoring down the line.

Next episode will be less standalone and more modular, so things should start getting a bit more interesting. Stay tuned ◡̈

Benno (LinkedIn)