emojify

andrewjkerr · Jul 7, 2019 · 886982b · 886982b
1 parent 507100c
commit 886982b
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 10 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,5 @@
-# CHANGELOG
+# :rocket: CHANGELOG
 
-## Verison 0.01
+## :dizzy_face: Verison 0.01
 
 Initial version! This version includes all of the features that are listed in [the README](https://github.com/andrewjkerr/bug-bounty-in-a-box/blob/5c22b1762b86c2c5d83b9d86024e4dfd52fc01e0/README.md#callback-server).
diff --git a/README.md b/README.md
@@ -4,18 +4,18 @@ This repository contains all\* that you should need to get up and running to tes
 
 \* Ok, literally not _everything_ but it's a good start!
 
-## Project Status
+## :vertical_traffic_light: Project Status
 
 This is by no means "production ready"; there are still some server configuration options that need to be explored before this should be run in production.
 
-### To-do list
+### :shipit: To-do list
 
 1. Productionize the Sinatra callback server
 1. Add more payloads!
 1. Add more endpoints!
 1. Add "Development" guide
 
-## Quickstart
+## :running: Quickstart
 
 To get up & hacking, you'll need to:
 
@@ -29,13 +29,13 @@ To get up & hacking, you'll need to:
 1. Cross your fingers...
 1. Profit!
 
-## How does this work?
+## :information_desk_person: How does this work?
 
 This "bug bounty in a box" has two different components:
 1. A payload callback server
 1. A payload generator
 
-### Callback Server
+### :pager: Callback Server
 
 The callback server, written in Ruby & using [Sinatra](http://sinatrarb.com/), currently has the following capabilities:
 
@@ -54,7 +54,7 @@ In order to receive Slack callbacks, you'll need to set the appropriate `slack_u
 
 If you'd like to change either the frequency of the log rotation or the log filenames, check out the configuration file.
 
-### Payload Generator
+### :smiling_imp: Payload Generator
 
 The payload generator uses `.yml` files to generate a `.txt` files that contain a list of payloads that can be used in a tool like Burp Intruder.
 
@@ -82,7 +82,7 @@ payloads:
 
 The `CALLBACK_URL` will be replaced with whatever is passed in with the `--callback` flag with some added parameters of (1) a callback description & (2) the target.
 
-## Contributing
+## :raised_hands: Contributing
 
 Want to contribute? Great! Here's what you do:
 

diff --git a/SECURITY.md b/SECURITY.md
@@ -1,3 +1,11 @@
-# Reporting Security Advisories
+# :siren: Reporting Security Advisories
 
 Hello there! Did you find a security issue in this project? If so, please create a new [Security Advisory through GitHub](https://github.com/andrewjkerr/bug-bounty-in-a-box/security/advisories). Thanks!
+
+## :warning: Testing Instructions
+
+Please don't test _my_ particular production instance. Instead, please clone the repository and test it either locally or on your own server.
+
+## :no_good: Out of Scope
+
+1. Open redirects on the `/redirect` route. (That's kind of the whole point :sweat_smile:.)