This repo contains data dumps of Hackerone and Bugcrowd scopes (i.e. the domains that are eligible for bug bounty reports). The files provided are:
Main files:
- domains.txt: full list of domains, without wildcards.
- wildcards.txt: full list of wildcard domains. Note: A program might have
*.example.com
in-scope butexcluded.example.com
out-of-scope so check your program rules before submitting reports.
Extra files:
- bugcrowd_data.json: raw bugcrowd data.
- hackerone_data.json: raw hackerone data.
- hackerone_schema.graphql: hackerone's graphql api schema.
The last change was detected on Thursday 12/07/2017 07:36 (UTC). New changes are picked up hourly.
The code used to generate these files lives in the bounty-targets repo.
Feel free to contact me on twitter: https://twitter.com/arkadiyt