:dart: Information About Bug Bounty Program Targets
This is a hand-crafted list of domain names that were searched out by hand after
referring to the bug bounty web application portals operated by the commercial
entities HackerOne and BugCrowd.
When a wildcard is encountered in the target list such as “*.host.dom” various
DNS subdomain enumeration techniques are used to expand it into multiple subdomain
entries. DNS records which correspond to identical IP addresses are avoided; this
includes both singular and round robin resources.
Use of the “www” host for any domain is also prevented when possible. There are
several “www” hostnames included in the list, but only because it was impossible
to achieve full IP address coverage without it. Basically, this is an
exceptional case that usually only happens when both “host.dom” and “www.host.dom”
resolve to different numeric addresses and no other subdomain resolves to the
address for “www.host.dom”. The idea behind all this is that the “www.” string can
be programatically prepended to all host names since there may be host names
formatted like this: “www.sub.host.dom”.