bounty-targets-data [](https://github.com/arkadiyt/bounty-targets-data/commits/master) [](https://github.com/arkadiyt/bounty-targets-data/blob/master/LICENSE.md)
June 30, 2026 ยท View on GitHub
What's it for
This repo contains data dumps of Hackerone and Bugcrowd scopes (i.e. the domains that are eligible for bug bounty reports). The files provided are:
Main files:
- domains.txt: full list of domains, without wildcards.
- wildcards.txt: full list of wildcard domains. Note: A program might have
*.example.comin-scope butexcluded.example.comout-of-scope so check your program rules before submitting reports.
Extra files:
- bugcrowd_data.json: raw Bugcrowd data.
- hackerone_data.json: raw Hackerone data.
- federacy_data.json: raw Federacy data.
- intigriti_data.json: raw Intigriti data.
- yeswehack_data.json: raw YesWeHack data.
Status
The last change was detected on Tuesday 06/30/2026 02:30 (UTC). New changes (if any) are picked up every 30 minutes.
Code
The code used to generate these files lives in the bounty-targets repo.
Getting in touch
Feel free to contact me on Signal: @arkadiyt.01