{"id":35183990,"url":"https://github.com/osamahamad/payout-targets-data","last_synced_at":"2026-04-01T21:48:49.073Z","repository":{"id":211015661,"uuid":"726366443","full_name":"osamahamad/payout-targets-data","owner":"osamahamad","description":"Provides public bug bounty programs in-scope data that offer rewards and monitors public bug bounty programs assets.","archived":false,"fork":false,"pushed_at":"2026-03-27T20:51:30.000Z","size":8787,"stargazers_count":99,"open_issues_count":3,"forks_count":16,"subscribers_count":5,"default_branch":"main","last_synced_at":"2026-03-28T00:22:45.986Z","etag":null,"topics":["bugbounty","bugbounty-tool","recon","reconnaissance","security-automation","security-tools"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/osamahamad.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2023-12-02T07:07:25.000Z","updated_at":"2026-03-27T20:51:34.000Z","dependencies_parsed_at":"2024-02-04T16:22:31.963Z","dependency_job_id":"6bc08bfd-30be-4fa1-9f38-102149067538","html_url":"https://github.com/osamahamad/payout-targets-data","commit_stats":null,"previous_names":["osamahamad/payout-targets-data"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/osamahamad/payout-targets-data","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/osamahamad%2Fpayout-targets-data","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/osamahamad%2Fpayout-targets-data/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/osamahamad%2Fpayout-targets-data/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/osamahamad%2Fpayout-targets-data/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/osamahamad","download_url":"https://codeload.github.com/osamahamad/payout-targets-data/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/osamahamad%2Fpayout-targets-data/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31292544,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-01T21:15:39.731Z","status":"ssl_error","status_checked_at":"2026-04-01T21:15:34.046Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bugbounty","bugbounty-tool","recon","reconnaissance","security-automation","security-tools"],"created_at":"2025-12-29T04:52:27.890Z","updated_at":"2026-04-01T21:48:49.066Z","avatar_url":"https://github.com/osamahamad.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Payout Targets Data Repository\n\n## Overview\nInspired by [bounty-targets-data](https://github.com/arkadiyt/bounty-targets-data) this repository provides the latest in-scope targets from various public bug bounty platforms (BBPs) that offer rewards. Updated every 30 minutes, it includes a data folder and key output files such as assets.out, wildcards.out, new_added_assets.out, and new_added_wildcards.out. These files are a valuable resource for security researchers, offering up-to-date information.\n\n\u003e **Note**\n\u003e This repository is 100% automated so there can be false positives/negatives, but in general is pretty accurate. an example is the fact that if a public program was suspended and got unsuspended from a platform, it will be treated as a new program therefore its assets will be considered as a new scope and be included ( Similar to a company launching a brand new BB program on one of the monitored platforms) .  \n\n## Repository Contents\n- **Data Folder**: Contains continuously updated targets from platforms like Bugcrowd, HackerOne, Hackenproof, Intigriti, Federacy, and YesWeHack. This folder includes only those targets offering rewards.\n- **assets.out**: A comprehensive list of unique assets across all monitored platforms, encompassing a wide range of in-scope items like mobile apps, source code, service names, child organization names, web hosts, and domain wildcards.\n- **wildcards.out**: A list of in-scope wildcard domains extracted from the bounty data.\n- **new_added_assets.out**: A file capturing newly identified assets since the last update. That means you can easily monitor all these platforms' new added in-scope assets or assets for new programs that just got launched and send notifications to your Telegram, Slack ..etc using a simple cronjob like this ``` */30 * * * * curl https://raw.githubusercontent.com/osamahamad/payout-targets-data/main/new_added_assets.out | notify -provider-config telegram.yaml``` or you can enter this telegram channel https://t.me/publicbbprogramsmonitor\n- **new_added_wildcards.out**: Shows newly identified wildcard domains since the last update. Running the above cron job for new_added_assets.out generally covers this, making a separate job for new_added_wildcards.out optional, or you can use it in a different way such as piping the results to your recon tools and keep your data about public programs up to date.\n\n\n## Data Update Process\nThe data in this repository is automatically updated every 30 minutes by an external script, which:\n- Fetches the latest data from public programs that offer rewards.\n- Filters and processes this data to identify new and unique targets based on the previous run.\n- Updates the repository with the latest findings.\n\n## Usage\nResearchers and security professionals can utilize this data for:\n- Conducting security research and vulnerability assessments.\n- Monitoring new targets in various bug bounty programs.\n- Enhancing security tools with current target data especially when you don't to waste your bandwidth on VDPS with large scopes.\n\n## Contributing\nContributions are welcome in the form of data analysis, additional data processing scripts, or suggestions for improvement. \n\n## License\nThis project is under the [MIT License](LICENSE).\n\n## Acknowledgements\n- Data sourced and processed based on information from [bounty-targets-data](https://github.com/arkadiyt/bounty-targets-data).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fosamahamad%2Fpayout-targets-data","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fosamahamad%2Fpayout-targets-data","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fosamahamad%2Fpayout-targets-data/lists"}