Show HN: I built a site that maps the web from a bounty hunter's perspective

https://www.neobotnet.com/
I built this because I wanted my own directory of public companies running bug bounty programs — where I could see their infrastructure in one place and have a real idea of where to start poking holes.

Neobotnet collects intel data from companies on HackerOne and Bugcrowd — subdomains, DNS records, web servers with status codes, indexed/crawled URLs, JS files, and exposed secrets/paths (still building this last part). The data is already there when you need it. No scans to run.

Currently tracking 41 companies, 63,878 web servers, and 1.8M+ URLs.

Long term I want to expand this to startups that depend on cloud infrastructure so they can see what's publicly accessible.

Made a free sample with Capital One's data (and other companies) so you can see what it looks like without signing up: https://freerecon.com

Original Page: https://neobotnet.com

Feedback very welcome.

Comments

hexadecMar 25, 2026, 8:32 PM
I am not seeing the long term, what is the value of this over a Shodan API key? They both crawl public IPs and explore subdomains for exposed resources.

Short term, if you have limited the view to companies only with bug bounty programs, it seems useful if you want to complete a bug bounty but don't know where to start. But the mapping of public resources has already been done.

I think showing URLs with sensitive params exposed, services using default creds, or some extra value add over a commodity scanner would be valuable. But then you would just be running a bug bounty/ pentesting AI service for bigger enterprises.

caffeinedoomMar 25, 2026, 8:48 PM
Great feedback! I have some of these questions myself, which makes me think about where I'd like to take neobotnet. The URL data needs to be more refined and provide actionable insights to security teams and devs so they can take appropriate actions with the data. There's more to explore within this data, such as JS and API reconnaissance as also possible client side issues. I'm looking to gather user feedback to polish the tool. Thanks for the comment.
Areena_28Mar 26, 2026, 12:58 PM
Hey, cool project! We run a bug bounty at Mitigata. If you're looking to add more targets, I'd be happy to connect you with the right person if that's useful.
caffeinedoomMar 26, 2026, 2:15 PM
thank you :) happy to connect and add more targets. please, reach out to me through X at @caffeinedoom or email at sam@neobotnet.com
rmonvferMar 25, 2026, 8:50 PM
I like the idea but the fake scarcity really puts me off. Most technical people are usually very wary of it, and that seems like your target audience.
caffeinedoomMar 25, 2026, 8:53 PM
had to pump up the available spots and do some hot fixes on the fronted. my apologies pal. i'm learning idea validation atm.
freeplayMar 25, 2026, 7:46 PM
By time I got signed in, I missed the early adopter spots. Any chance you could open up a couple more?
caffeinedoomMar 25, 2026, 8:39 PM
hey freeplay! I added 5 more spots. Thank you so much for using Neobotnet.
freeplayMar 25, 2026, 8:43 PM
Thanks! Just grabbed one.
Taipan_EnigmaMar 25, 2026, 7:15 PM
[dead]
AmelieQiaoMar 26, 2026, 9:36 AM
[dead]
dailoxxxxMar 24, 2026, 9:47 AM
[flagged]
QubridAIMar 25, 2026, 8:19 PM
[flagged]