⚔️ Go To War! ⚔️

Submit your subdomains

🎯 Current Target 🎯


Warriors

Current Round Leaderboard

Royalty

All Time Leaderboard

King

All Time Champion

👑

Nobody yet 🤷

⏳ Previous Battles ⌛

Historical rounds


Frequently Asked Questions

Recon Royale is an exciting competitive platform where participants submit subdomains for a specified target domain. Players accumulate points based on the accuracy of their submissions, striving to achieve the prestigious title of King.

Are you the best at recon? Prove it! 🏆

Benchmark your data against others and show your skills. Compete with your friends and the community. Have fun! 🎉

To participate, log in with your X account, then submit a text file containing subdomains for the current target domain. Make sure that your text file contains one subdomain per line. 📄

Your file should be a plain text file with one subdomain per line. Here is an example:


    about.att.com
    adip-api-xandr.att.com
    adserversl.att.com
    aegis.att.com
    afmfe18.att.com
    aiq-in.att.com
    attvideo.att.com
                        

Your submitted subdomains are processed and validated to determine your points for the current round. They are temporarily stored in our database to reduce the load on our DNS resolver if another participant submits the same subdomains. At the end of each round, all subdomain records are removed from our database. We do not keep or use your submitted subdomains for any purpose other than the game mechanics. 🔒

No, we will not steal your subdomains and private techniques. We will not use your submitted subdomains for any other purpose beyond the game mechanics. 🚫

Subdomains are processed by first filtering them to ensure they match the current target domain and contain valid characters. They are then checked against a database for existing records. New subdomains are validated using DNS queries to confirm their existence and validity. Wildcard subdomains are considered to be invalid. ✅❌

We do not show which subdomains are valid or invalid. This is to prevent participants from using Recon Royale as a free DNS resolver.

You earn one point for each valid subdomain with a DNS record. You lose one point for each invalid subdomain. 📈📉

The maximum number of subdomains you can submit per round is capped at 100,000. If all of your submitted subdomains are valid, you could potentially earn up to 100,000 points in a single round. However, keep in mind that invalid subdomains will deduct points, so the actual maximum may vary depending on the accuracy of your subdomain list. 💯

You can change your badge and title by clicking on it right below your handle in the top-section.

Complete achievements! Each completion gives you access to a new title as well as the achievement's badge. You can then combine them as you like to form your own flair.

We currently use Cloudflare's and Google's DoH (DNS over HTTPS) services to process subdomains. We check for A, AAAA, CNAME, NS, MX and TXT records.

DoH is a DNS-over-HTTPS service that is free and highly reliable.

We proxy all of our requests through AWS Lambda to avoid any rate limiting issues.

This system is in beta and subject to change.

Our backend uses database checks before resolving DNS queries to see if someone else submitted the same subdomain before you. If there is any DNS inconsistency, it will be stored in the database as-is.

Here's an example:

  1. ➡️ User1 submits prod.att.com, which is a valid subdomain at the time.
  2. ➡️ There's a DNS inconsistency that results in that subdomain being considered invalid.
  3. ➡️ User1 loses 1 point.
  4. ➡️ User2 submits the same subdomain.
  5. ➡️ The backend uses the existing database entry, skipping DNS resolution.
  6. ➡️ User2 also loses 1 point.

This way, no matter what happens, all participants will be affected equally.
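The validation and cache-first rules described above, modelled as an added example (not Recon Royale's backend code). It parses DoH JSON replies for the record types the FAQ lists, treats a name as wildcard when its records match those of a random sibling label (an assumed detection method, the site does not document its own), and reuses the first stored verdict; `answer_set`, `is_valid`, `judge` and `score` are hypothetical names.

```python
import json

# Record types the FAQ lists, keyed by DNS type number.
CHECKED_TYPES = {1: "A", 28: "AAAA", 5: "CNAME", 2: "NS", 15: "MX", 16: "TXT"}


def answer_set(doh_json):
    """Checked-type records from one DoH JSON reply (Status 0 means NOERROR)."""
    msg = json.loads(doh_json)
    if msg.get("Status") != 0:
        return frozenset()
    return frozenset(
        (rr["type"], rr["data"].rstrip(".").lower())
        for rr in msg.get("Answer", [])
        if rr["type"] in CHECKED_TYPES
    )


def is_valid(candidate_json, probe_json):
    """Valid = has a checked record and does not match a random sibling label.

    Assumption: wildcards are detected by comparing with the reply for a random
    label under the same parent; the site does not document its method.
    """
    records = answer_set(candidate_json)
    return bool(records) and records != answer_set(probe_json)


def judge(name, cache, lookup):
    """Cache-first verdict: the first stored result is reused, right or wrong."""
    if name not in cache:
        cache[name] = is_valid(*lookup(name))
    return cache[name]


def score(verdicts):
    """+1 per valid name, -1 per invalid name."""
    return sum(1 if ok else -1 for ok in verdicts)


# Constructed replies in the JSON shape returned by the Cloudflare/Google DoH APIs.
HOST = '{"Status":0,"Answer":[{"name":"www.example.com","type":1,"TTL":300,"data":"192.0.2.10"}]}'
WILD = '{"Status":0,"Answer":[{"name":"zz.dev.example.com","type":1,"TTL":60,"data":"192.0.2.99"}]}'
NXDOMAIN = '{"Status":3}'
SERVFAIL = '{"Status":2}'

if __name__ == "__main__":
    print(is_valid(HOST, NXDOMAIN), is_valid(WILD, WILD), is_valid(NXDOMAIN, NXDOMAIN))
```

A real host that shares all of its records with the wildcard answer is indistinguishable under this comparison and is scored as invalid.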

No, you can only submit a file once per round. ⏳

We have implemented a failsafe mechanism to reject submissions that have more than 90% invalid results and took too long to process. Specifically, if the chunk processing time exceeds 300 seconds and the invalid ratio is greater than 0.9, the failsafe will be triggered, and the submission will be rejected.

Each round ends at midnight UTC+2 every day. 🕛

The top participant in the warriors leaderboard is awarded a crown. 👑

The target changes and a new round begins. 🔄

You can become the king by having the most crowns! 👑

If there is already a king, you can overtake them by gaining one more crown than them. 🔥

If there is a tie, the participant who submitted first will be the winner. 🥇

Targets are selected from public bug bounty programs and/or Vulnerability Disclosure Programs (VDPs). 🎯

It's easy to implement and most bug bounty hunters have an X account. 👍

You can automate your submission using our API endpoints. Here's how:

Generate an API key by clicking the button below:

Use the API key to submit your subdomains via a POST request to the /api/submit-via-apikey endpoint.

Here's an example HTTP request:


    POST /api/submit-via-apikey HTTP/1.1
    Host: recon-royale.com
    User-Agent: Mozilla/5.0 
    Accept: application/json
    Content-Type: application/json
    X-API-Key: your_api_key_here
    Content-Length: 157

    {
        "subdomains": [
            "subdomain1.example.com",
            "subdomain2.example.com",
            "subdomain3.example.com",
            "subdomain4.example.com",
            "subdomain5.example.com"
        ]
    }
                        

You can also use this one-liner to submit a file directly from your terminal:

    jq -R -s -c '{subdomains: [split("\n")[] | rtrimstr("\r") | select(length > 0)]}' your_file.txt > subdomains.json && curl -X POST -H "Content-Type: application/json" -H "X-API-Key: your_api_key_here" -d @subdomains.json https://recon-royale.com/api/submit-via-apikey

Replace your_api_key_here with yours, and your_file.txt with the path to your file containing subdomains (one per line).
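Because every invalid entry costs a point and a file can only be submitted once per round, it pays to clean the list before building the request body. The following is an added example (not part of Recon Royale's own tooling) that keeps only unique, syntactically valid names strictly below the target, applies the 100,000 cap and emits the JSON shape shown above; `clean_candidates` and `build_payload` are hypothetical names, and accepting underscores in labels is an assumption because the site's exact character rule is not published.

```python
import json
import re

MAX_SUBDOMAINS = 100_000  # per-round cap stated in the FAQ

# One DNS label: letters, digits, hyphen, underscore; 1-63 characters;
# no leading or trailing hyphen. Underscore support is an assumption.
_LABEL = re.compile(r"^(?!-)[a-z0-9_-]{1,63}(?<!-)$")


def clean_candidates(lines, target):
    """Return unique, syntactically valid names strictly below `target`."""
    target = target.strip().lower().rstrip(".")
    suffix = "." + target
    seen, kept = set(), []
    for raw in lines:
        name = raw.strip().lower().rstrip(".")
        if not name.endswith(suffix) or len(name) > 253:
            continue  # other domain, the apex itself, or an over-long name
        if not all(_LABEL.match(label) for label in name.split(".")):
            continue  # empty label, "*" label, or invalid characters
        if name not in seen:
            seen.add(name)
            kept.append(name)
    return kept[:MAX_SUBDOMAINS]


def build_payload(lines, target):
    """JSON body in the shape shown for /api/submit-via-apikey."""
    return json.dumps({"subdomains": clean_candidates(lines, target)})


# Constructed sample input, not real recon data.
SAMPLE = [
    "about.example.com\r\n", "ABOUT.example.com", "api.example.com.",
    "example.com", "evil-example.com", "api.example.com.attacker.test",
    "*.dev.example.com", "bad_char!.example.com", "-x.example.com", "",
]

if __name__ == "__main__":
    print(build_payload(SAMPLE, "example.com"))
```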

You can also get the current target domain using this API endpoint:

    curl -X GET -H "X-API-Key: your_api_key_here" https://recon-royale.com/api/current-target-via-apikey

Example response:


    {
        "domain": "example.com"
    }
                        

🙏 Credits 🙏


  • Patrik Fehrenbach - for extensive technical input & beta testing and UI feedback
  • Andi Rrahmani - for technical input and UI feedback
  • renniepak - for beta testing and UI feedback
  • Shlomie Liberow - for extensive technical input, beta testing and UI feedback
  • Ali Tütüncü - for beta testing and finding 1 valid backend bug
  • harisec - for beta testing and finding 1 valid backend bug
  • Yoeri Vegt - for beta testing and for providing a suggestion that was implemented
  • Aidan Matzko - for UI feedback
  • Melvin Lammerts - for emotional support & 2 implemented suggestions & 2 valid backend bugs
  • Rohan.exe 🖤 - for beta testing and finding 1 valid backend bug
  • SickSec - for beta testing and finding 2 valid backend bugs
  • Bennet - for beta testing and finding 2 valid backend bugs
  • Ciarán Cotter - for good pep talk skills
  • Abiral - for providing a suggestion that was implemented
  • Noam Hamnich - for a QoL improvement and finding 1 valid backend bug
  • Six2dez - for a QoL improvement
  • Lupin - for providing a suggestion that was implemented
  • nbk_2000 - for beta testing & finding 3 valid backend bugs
  • Bugra Eskici - for providing a suggestion that was implemented & finding 2 backend bugs
  • Harshh - for providing a suggestion that was implemented
  • d3mondev - for finding 1 valid backend bug
  • Tolgahan - for finding 1 valid backend bug
  • Boopath1 - for finding 1 valid backend bug
  • ? - for finding 1 valid backend bug
  • 0x999 - for providing a suggestion that was implemented
  • Ali@s - for providing a suggestion that was implemented