explaingit

arkadiyt/bounty-targets-data

Analysis updated 2026-07-03

3,731Audience · developerComplexity · 1/5Setup · easy

TLDR

A regularly updated data dump of bug bounty program scopes from HackerOne, Bugcrowd, Intigriti, and other major platforms, giving security researchers a single place to find which websites and services are currently open for testing.

Mindmap

mindmap
  root((bounty-targets-data))
    What it does
      Lists in-scope domains
      Wildcard domain entries
      Full raw JSON per platform
    Data Sources
      HackerOne
      Bugcrowd
      Intigriti
      YesWeHack
    Update Cadence
      Every 30 minutes
      Near real-time scope
    Use Cases
      Feed recon tools
      Filter by platform
      Build custom tooling
    Audience
      Security researchers
      Bug bounty hunters
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Download the plain-text domain list and pipe it into your recon or subdomain enumeration tool to quickly find testable targets.

USE CASE 2

Load the raw JSON files from a specific platform to filter bug bounty programs by reward range, asset type, or program age.

USE CASE 3

Set up a cron job that pulls the latest domain list every hour so your tooling always runs against current in-scope targets.

USE CASE 4

Check wildcard entries against a target before submitting a report to confirm the specific subdomain is not excluded.

What is it built with?

JSONText filesGitHub Actions

How does it compare?

arkadiyt/bounty-targets-dataaquasecurity/cloudsploitefforg/privacybadger
Stars3,7313,7313,731
LanguageJavaScriptJavaScript
Setup difficultyeasymoderateeasy
Complexity1/53/51/5
Audiencedeveloperops devopsgeneral

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · easy Time to first run · 5min
No license specified in the explanation, treat as all-rights-reserved until confirmed.

In plain English

This repository is a regularly updated data dump of bug bounty program scopes collected from major platforms including HackerOne, Bugcrowd, Intigriti, Federacy, and YesWeHack. Bug bounty programs are arrangements where companies invite security researchers to find and report vulnerabilities in their systems in exchange for a reward. Each program specifies which websites and services are in scope, meaning researchers are allowed to test them. The files in this repo give you a consolidated, ready-to-use list of those in-scope targets. The main files are a plain text list of domains (specific website addresses that are eligible for testing) and a separate list of wildcard domains (entries like .example.com, which cover all subdomains of a given site). Wildcard entries come with a caution: a program might allow .example.com but specifically exclude certain subdomains, so checking the individual program rules before submitting a report is important. Additional JSON files contain the full raw data from each platform, which includes more detail than the simplified domain lists. These are useful if you want to build tooling on top of the data or filter by specific program criteria. The files update every 30 minutes, so the list reflects near-current program scope changes. The code that fetches and processes this data lives in a separate companion repository called bounty-targets. This repository itself is just the output: a place to pull the latest scope data without having to run the scraper yourself. It is a practical reference for security researchers who want to know what is currently testable across the major bug bounty platforms without visiting each platform individually.

Copy-paste prompts

Prompt 1
Here is a list of bug bounty in-scope domains from bounty-targets-data: [paste domains]. Write a Python script that deduplicates them, strips subdomains, and outputs a sorted list of unique root domains.
Prompt 2
I have the raw JSON from bounty-targets-data for HackerOne. Write a script that parses it and prints only programs offering rewards above $500 for high-severity findings.
Prompt 3
Using the wildcard domains list from bounty-targets-data, write a Bash one-liner that feeds each entry into subfinder to enumerate live subdomains and saves results per domain.
Prompt 4
Help me write a GitHub Action that downloads the latest bounty-targets-data domain list every 6 hours and diffs it against the previous version so I get notified of new in-scope targets.

Frequently asked questions

What is bounty-targets-data?

A regularly updated data dump of bug bounty program scopes from HackerOne, Bugcrowd, Intigriti, and other major platforms, giving security researchers a single place to find which websites and services are currently open for testing.

What license does bounty-targets-data use?

No license specified in the explanation, treat as all-rights-reserved until confirmed.

How hard is bounty-targets-data to set up?

Setup difficulty is rated easy, with roughly 5min to a first successful run.

Who is bounty-targets-data for?

Mainly developer.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Scan in gitsafehub Deploy in gitdeployhub arkadiyt on gitmyhub

Verify against the repo before relying on details.