Top Bug Bounty Programmes You Can Participate in Today

Written by sam5epi0l | Published 2022/10/24
Tech Story Tags: bug-bounty | ethical-hacking | bug-bounty-programs | bugbounty | bug-bounty-hunters | vulnerability-disclosure | cyber-security | web-security

TLDRThe most comprehensive, up-to-date crowdsourced list of bug bounty and security vulnerability disclosure programs from across the web curated by the hacker community. The list includes the public bug bounty programs listed on [chaos.projectdiscovery.io] The list is not an invitation to hack any of the listed organizations: This is a list of government agencies that have bug bounty. The full list of BugCrowd and FireBounty bounty bounty programs is available on GitHub.com/BugCrowd.io.via the TL;DR App

Open Bug Bounty Community

https://www.openbugbounty.org/bugbounty-list/

The complete list of bug bounty and security vulnerability disclosure programs launched and operated by open bug bounty community.

Resources — Disclosure Email, Website security page, Number of reports fixed.

BugCrowd bug bounty list

https://www.bugcrowd.com/bug-bounty-list/

The most comprehensive, up-to-date crowdsourced list of bug bounty and security vulnerability disclosure programs from across the web curated by the hacker community.

Filters — Program Name, Bug Bounty eligible, Swag, Hall of Fame, Submission URL, Safe harbor.

Project Discovery Chaos web program list

https://github.com/projectdiscovery/public-bugbounty-programs

The JSON file includes the public bug bounty programs listed on chaos.projectdiscovery.io.

{ "name":"HackerOne", "url":"https://hackerone.com/security", "bounty": true, "swag": true, "domains":[ "hackerone.com", "hackerone.net", "hacker101.com", "hackerone-ext-content.com" ] }

Disclose DB program list

https://raw.githubusercontent.com/disclose/diodb/master/program-list.json

A true, community-powered, vendor-agnostic directory of all known VDP and BBPs, contact details, policy location, preferred languages, and the status of Safe harbor, Availability rewards, hall of fame, swag, and Disclosure policy.

FireBounty

https://firebounty.com/

Government VDPs

https://github.com/cablej/hack-your-government

Vulnerability disclosure policies and bug bounty programs are becoming standard across industry and government. Beginning with the U.S. Department of Defense, several government agencies worldwide have implemented vulnerability disclosure programs.

This is a list of government agencies that have bug bounty programs or vulnerability disclosure policies.

Note: This list is not an invitation to hack any of the listed organizations. Ensure that you comply with all listed terms of an organization’s vulnerability disclosure policy.

Includes details about — Organization, Type, Rewards, Link, Notes.

Google dorks List

https://github.com/sushiwushi/bug-bounty-dorks

List of Google Dorks to search for companies that have a responsible disclosure program or bug bounty program which are not affiliated with known bug bounty platforms such as HackerOne or BugCrowd.

If you found this article helpful 👇🏻

  1. https://buymeacoffee.com/sam5epi0l
  2. Comment your queries.
  3. Check out other articles.
  4. Open terminal — https://sam5epi0l.github.io/

Also Published here

Written by sam5epi0l | Security Researcher . Technical content writer . Freelancer . Linux nerd . Programmer
Published by HackerNoon on 2022/10/24
ABOUTHow hackers start their afternoons. We publish tech stories and build publishing software.

READEntirely free library read by hundreds of millions to learn anything about any technology.

WRITEHackerNoon elevates quality technology writing far and wide across the interwebs.

PARTNERHackerNoon works directly with tech companies to place ads by content relevancy