
Ask HN: What kind of service would be best at a URL that suggests malevolence? - arthurcolle
I bought evil.app a few years ago after Google acquired and opened up this HSTS-only ccTLD, but forgot about it until now. I&#x27;ve been thinking about building a simple service to allow enterprises to run phishing campaigns but it seems like this is done by a number of vendors. I fail phishing tests all the time at my employer (I am a distracted guy) so this seems like a reasonable idea, but I think maybe a different angle might be better.<p>You always see these snippets of documentation that refer to &quot;evil.com&quot; or &quot;evilapp.com&quot; in reference to malicious computer actors, so I thought it might be even useful as a developer resource or even as a kind of API-gateway for other domains to use as a catch all for their own phishing campaigns&#x2F;internal scans. This space seems super crowded but I think it&#x27;s a huge threat to web security, and was curious what this crowd thinks.
======
arthurcolle
To add to this, I know that there is a stigma for buying domain names and then
twiddling one's thumbs thinking about use cases, but I couldn't resist in this
case, and I've been busy at work but with memorial day weekend, I just thought
it would be worth discussing what this domain evokes in one's mind, and what
you think would make sense to build here (other than like alien abductions as
a service) /s

------
Nextgrid
A service that calls out malevolence, whether it's privacy violations or just
nasty business practices. People can check whether an app/service is evil by
looking it up on evil.app.

