Webhooks
Webhooks are Trigger based, notifications will be sent when a particular event occurs
To show the workings of webhooks, we'll try and integrate webhooks with Discord
Example: Discord Notifications with Webhooks
Pre-requisites
A Discord Server with access to create Webhook URLs
BugBase Company Account with an Active Program
Helpful Links
π¨βπΌCreate a Company AccountπPrograms at BugBaseCreating a Webhook - Discord
Before starting the setup, ensure you are logged into your Discord Account and have alteast 1 channel in your Discord server.
Create a new channel (or you can use an existing one) in your Discord server.
For this example we will use the
#bugbase-webhookchannel.
Click on the settings for the channel, navigate to the integrations tab and click on add a new webhook
channel > settings > integrations > create webhookOnce you click on
Create Webhooka page will open asking you to enter a name for the webhook and choose a channel. Enter a name for the webhook and select the#bugbase-webhookchannel.
Click on the
Save Changesbutton and copy the webhook URL. The webhook URL will look something like this:https://discord.com/api/webhooks/123456789/abcdefghijklmnopqrstuvwxyz
Adding the Discord Webhook in BugBase
Navigate to the integrations tab located in the settings page of your BugBase Program.
Click on the
Addbutton on the Webhooks Integration Card.A modal will appear in which you will need to enter the
Webhook URL,params,headers,triggersand thebody.
Enter your
Webhook URLand choose the method asPOST. Theparamsandheadersare optional.
Discord provides it's Webhook execution documentation, refer the embed below
You can select multiple triggers for your webhook. The list of all available triggers are given below:
List of triggers for your webhooks:
For Reports
New Report is SubmittedReport is TriagedReport priority is changedNew message sent in report chatReward is assigned to the ReportReport is marked as DuplicateReport is marked as InvalidReport is marked as ResolvedReport is marked as InformationalReport is Closed
For Vulnerabilities
New Vulnerability is ReportedVulnerability is marked as ResolvedVulnerability is marked as IgnoredVulnerability is marked as UnresolvedVulnerability is Retested
Using Template Variables
You can use template variables in your webhook body to dynamically insert report or vulnerability data. Wrap variable names in double curly braces {{variableName}} and they will be replaced with actual values when the webhook is triggered.
Available Variables for Reports
{{trigger}}
The trigger label (e.g., "New Report is submitted")
{{reportID}}
The unique ID of the report
{{description}}
The report description
{{report}}
The full report content
{{summary}}
Executive summary of the report
{{impact}}
Impact description
{{username}}
Username of the reporter
{{category}}
Category of the vulnerability
{{scope}}
The asset/scope URL
{{severity}}
Severity level of the report
{{status}}
Current status of the report
{{priority}}
Priority level
{{timestamp}}
ISO timestamp of when the webhook was triggered
{{triageTime}}
Time when report was triaged
{{isPrivate}}
Whether the report is private
{{isClosed}}
Whether the report is closed
Example: Static Message
In this example we would be using the New Report is Submitted trigger so that whenever a new report is submitted we will send a message to the Discord channel.
For the
bodyof this webhook we will use the following template:
Alternatively, discord also supports embeds
Use template variables to include report details in your webhook:
Embeds with template variables
Click on the
Save/Updatebutton. This will set the webhook up in BugBase.You can enable/disable the webhook as per your need.
Now the Webhook will send a message on Discord whenever a new report is submitted.
Preview of the Webhook
Simple Message
Embed
π Congratulations! You've successfully integrated a Webhook with your BugBase Program
Last updated
Was this helpful?