Skip to content

threatcode/bugbounty

bugbounty

This JSON file controls the public bug bounty programs listed on threatcode.github.io. Please create a pull-request with the programs for which you'd like to see recon data.

We are currently accepting entries in JSON format. See an example below:

{
   "name":"HackerOne",
   "url":"https://hackerone.com/security",
   "bounty": true,
   "swag": true,
   "domains":[
      "hackerone.com",
      "hackerone.net",
      "hacker101.com",
      "hackerone-ext-content.com"
   ]
}

💬 Discussions

If you have any questions/doubts/ideas to discuss, please create a "Discussion" using the GitHub Discussions board.

👨‍💻 Community

You can also contact us at [email protected].

📋 Notes

  • Only domain name values are accepted in the domains field.
  • We do not support wildcard input like *.tld or *.tld.*.
  • domains field includes TLD names associated with the target program, not based on scope of the program.
  • Subdomains are populated using Passive API (chaos dataset).

Thank you for your contribution and for keeping the community vibrant. ❤️