For Researchers

Twitter Login		HOW IT WORKS Download presentation and learn how our service works PDF, 1MB
Report a Vulnerability
Browse Bug Bounty Programs
Write a Blog Post
Ask a Question

For Owners

Start a Bug Bounty		HOW IT WORKS Download presentation and learn how our service works PDF, 1MB
Ask a Question
API

Hall of Fame

Top Security Researchers

Acknowledgements
About

  About the Project

  Latest Reports

  Contact Us
Forum
Blog

Overpaying Bug Bounty Management Fees?

Try Crowd Security Testing at Open Bug Bounty Platform

Open Bug Bounty is an open, disintermediated, cost-free, and community-driven Bug Bounty

platform for coordinated, responsible and ISO 29147 compatible vulnerability disclosure

Open Bug Bounty

Community helped fix

278,665 vulnerabilities

Testimonials About Our Security Researchers

Josef Nedstam from IKEA IT

"Donkey provided professional help and we are grateful for the discovery of these unfortunate vulnerabilities. Don't hesitate to contact this researcher if your site has reported issues"

Omey from Dell

"Thank you for your great assistance for finding XSS vulnerability on our site. Keep it up....."

Silas from Virgin Australia

"Dan is incredibly professional, very responsive and a pleasure to work with. Many thanks!"

Josef Krycha from Canon Europe Ltd.

"DrStache reported multiple vulnerabilities in Canon websites ranging form reflected XSS's, SQL injections to information disclosure. All findings were valid and the communication with him was quick and efficient. Thank you for your help and best of luck!"

bmwghp from University of Tokyo

"Thanks for your report of a vulnerability on our site and quick response to our request of additional information. We were able to fix the problem very soon."

Rob McGregor from VERIZON

"Indeed professional, rapid to respond, and we do look forward to working together for any future issues identified. Keep up the good work!!"

Alin Tomescu from MIT

"localblackhat (CMD) found an XSS bug on our website which we were able to quickly fix thanks to her/his help."

Reuben from wikiHow

"Thanks you for bringing these issues to our attention!"

Gary from UC Berkeley

"Much appreciated alert. Will take seriously any future notices for sure. Very helpful. Recommended!"

deniak974 from W3C

"Great feedback with useful recommendations. Much appreciated!"

Paddy from Twitter

"Thanks for helping out. Fast and helpful response."

Philippe C. from Santé publique France

"Merci pour la notification. La faille de sécurité est corrigée."

Patrick Saladino from EPFL

@patricksaladino

"Dear Serge, The EPFL would like to thank you for identifying and responsibly disclosing a vulnerability on one of our websites. Your responsiveness was also greatly appreciated."

Peter from Philips

"Pedro did a swift job in disclosing the vulnerability he found. Thanks!"

Axel Schmidt from TeamViewer

"Cameron helped us significantly improve our services, and certainly proved to be extremely knowledgeable. We are extremely grateful to him and very much appreciate his research."

Responsible Disclosure from A1 Telekom Austria

@PaulMar23292621

"Hey, sorry last time I checked your site I didn't see this way to get in contact with you. Thank you very much for your submission to us. As you have noticed the issue has already been fixed. We don't have a hall of fame yet, but I will make sure that you are on it once it arrives. Please excuse the late reply. All the best, RD @ A1"

Adam Hess from Brooklyn Law School

"Serge, Thank you for helping us finding vulnerabilities in our website. I appreciated your responsiveness and clear demonstration of the exploit."

Tony from British Library

"Thank you Sohel for identifying a vulnerability on our site which has contributed to making it more secure. Thank you."

Computer Center from University of Vienna

"Dear SonnySpooks, The University of Vienna would like to thank you for your valuable contribution in finding multiple website security issues. Your input is highly welcome and helps to raise the security level of our educational institution. Servus and greetings from Vienna, Austria."

Josh from ABA

@JoshHar25910089

"Thanks for finding the XSS vulnerability - very helpful, and he was quick to respond when I couldn't reproduce it."

Top Bug Bounty Programs	Recently Started
Drupal	Csper
united-domains AG	The Stromberg Group
Maintenance	Hostingvisions
A1 Telekom Austria	www.lostserver.com
Boros	Anakrys
Babiel GmbH	Orion
Avito	WSHOP
Lidl Digital	Trivia questions
CYBERDAY GmbH	Centreville Tech, LLC

Latest Coordinated Disclosures

Website	Reported by	Date
en.drwu.com	raviakp1004 Helped patch 135 vulnerabilities Received 3 Coordinated Disclosure badges Received 2 recommendations	29.02.2020
jifeng-automotive.com	Dipu1A Helped patch 809 vulnerabilities Received 5 Coordinated Disclosure badges Received 14 recommendations	29.02.2020
parentini.com	Dipu1A Helped patch 809 vulnerabilities Received 5 Coordinated Disclosure badges Received 14 recommendations	29.02.2020
santacasade...caba.com.br	jvz107 Helped patch 68 vulnerabilities Received 3 Coordinated Disclosure badges	29.02.2020
basa-architecture.eu	Gh05tPT Helped patch 6309 vulnerabilities Received 10 Coordinated Disclosure badges Received 46 recommendations	29.02.2020
sci.vanyog.com	Gh05tPT Helped patch 6309 vulnerabilities Received 10 Coordinated Disclosure badges Received 46 recommendations	28.02.2020
comandosartmil.com.br	Gh05tPT Helped patch 6309 vulnerabilities Received 10 Coordinated Disclosure badges Received 46 recommendations	28.02.2020
connectamericas.com	ELProfesor Helped patch 2420 vulnerabilities Received 8 Coordinated Disclosure badges Received 92 recommendations	28.02.2020
gainesville...kiwanis.org	metamorfosec Helped patch 1635 vulnerabilities Received 9 Coordinated Disclosure badges Received 28 recommendations	28.02.2020

Awards Our Security Researchers Get

Open Bug Bounty Researcher wins lot of gift-cards

Open Bug Bounty Researcher wins lot of bounties

Open Bug Bounty Researcher wins lot of monay bounties

Open Bug Bounty Researcher wins Canon Pixma

Open Bug Bounty Researcher wins hoody

Open Bug Bounty Researcher wins chocolate

Open Bug Bounty Researcher wins $600,00 USD

Open Bug Bounty Researcher wins Dry Jin

Open Bug Bounty Researcher wins BlackBoard

Open Bug Bounty Researcher wins Dry Jin

Open Bug Bounty Researcher wins Red Bull reserve

Open Bug Bounty Researcher wins powerbeats headphones

Open Bug Bounty Researcher wins Wine

Open Bug Bounty Researcher wins $200,00 USD

Open Bug Bounty Researcher wins Vape

Open Bug Bounty Researcher wins watches

Open Bug Bounty Researcher wins T-Shirt

Open Bug Bounty Researcher wins Vape

Open Bug Bounty Researcher wins FRITZ!Box

Open Bug Bounty Researcher wins headphones

Open Bug Bounty Researcher wins 500 EUR

Open Bug Bounty Researcher wins Bounty

Open Bug Bounty Researcher wins MacBook Pro

Open Bug Bounty Researcher wins lot of bounties

Most Recommended Security Researchers

Security Researcher	Recommendations	Reputation
ELProfesor Helped patch 2420 vulnerabilities Received 8 Coordinated Disclosure badges Received 92 recommendations	92	1360
debsec Helped patch 4639 vulnerabilities Received 10 Coordinated Disclosure badges Received 91 recommendations	91	1310
Cyberanteater Helped patch 2329 vulnerabilities Received 11 Coordinated Disclosure badges Received 81 recommendations	81	1240
k0t Helped patch 2006 vulnerabilities Received 12 Coordinated Disclosure badges Received 77 recommendations	77	1470
login_denied Helped patch 7925 vulnerabilities Received 8 Coordinated Disclosure badges Received 76 recommendations	76	1230
SecuNinja Helped patch 3403 vulnerabilities Received 12 Coordinated Disclosure badges Received 69 recommendations	69	940
Spam404 Helped patch 16363 vulnerabilities Received 11 Coordinated Disclosure badges Received 69 recommendations	69	710
fakessh Helped patch 1837 vulnerabilities Received 9 Coordinated Disclosure badges Received 60 recommendations	60	830
Faizan_mark Helped patch 72 vulnerabilities Received 6 Coordinated Disclosure badges Received 58 recommendations	58	580

Security Researcher	Badges	Helped Secure
dim0k Helped patch 3602 vulnerabilities Received 10 Coordinated Disclosure badges Received 21 recommendations	10	1339 VIP Websites
Spam404 Helped patch 16363 vulnerabilities Received 11 Coordinated Disclosure badges Received 69 recommendations	11	1381 VIP Websites
Kenan Helped patch 2160 vulnerabilities Received 8 Coordinated Disclosure badges Received 6 recommendations	8	598 VIP Websites
retr0 Helped patch 1904 vulnerabilities Received 8 Coordinated Disclosure badges Received 3 recommendations	8	851 VIP Websites
login_denied Helped patch 7925 vulnerabilities Received 8 Coordinated Disclosure badges Received 76 recommendations	8	732 VIP Websites
ELProfesor Helped patch 2420 vulnerabilities Received 8 Coordinated Disclosure badges Received 92 recommendations	8	596 VIP Websites
OmniGooch Helped patch 3834 vulnerabilities Received 5 Coordinated Disclosure badges Received 10 recommendations	5	431 VIP Websites
npuser500 Helped patch 2554 vulnerabilities Received 9 Coordinated Disclosure badges Received 19 recommendations	9	508 VIP Websites
1995eaton Helped patch 716 vulnerabilities Received 7 Coordinated Disclosure badges Received 13 recommendations	7	548 VIP Websites

DevSecOps Compatible Bug Bounty and Crowd Security Testing

Coordinated and Responsible Disclosure

Recently Patched

Website	Patched on	Reported by
brazzerfree.com	29.02.2020	KhanJanny Helped patch 2038 vulnerabilities Received 9 Coordinated Disclosure badges Received 37 recommendations
winfiledb.com	29.02.2020	KhanJanny Helped patch 2038 vulnerabilities Received 9 Coordinated Disclosure badges Received 37 recommendations
sauguscenturions.com	29.02.2020	ELProfesor Helped patch 2420 vulnerabilities Received 8 Coordinated Disclosure badges Received 92 recommendations
fabensisd.net	29.02.2020	ELProfesor Helped patch 2420 vulnerabilities Received 8 Coordinated Disclosure badges Received 92 recommendations
legalplace.fr	29.02.2020	atmon3r Helped patch 118 vulnerabilities Received 3 Coordinated Disclosure badges Received 8 recommendations
therapystafftravel.com	29.02.2020	metamorfosec Helped patch 1635 vulnerabilities Received 9 Coordinated Disclosure badges Received 28 recommendations
cesa6.org	29.02.2020	rajesh_appsec Helped patch 76 vulnerabilities Received 4 Coordinated Disclosure badges Received 12 recommendations
sloganslingers.com	29.02.2020	Dipu1A Helped patch 809 vulnerabilities Received 5 Coordinated Disclosure badges Received 14 recommendations
lfsolicitors.co.uk	29.02.2020	Dipu1A Helped patch 809 vulnerabilities Received 5 Coordinated Disclosure badges Received 14 recommendations

Quickest Patched

Website	Patched in	Patched on	Reported by
laposte.fr	2 minutes	27.01.2020	shoxxdj Helped patch 1 vulnerabilities Received 0 Coordinated Disclosure badges
poki.com.br	12 minutes	31.05.2019	Gh05tPT Helped patch 6309 vulnerabilities Received 9 Coordinated Disclosure badges Received 46 recommendations
shine.com	1 hour	12.12.2019	Codingboy Helped patch 13 vulnerabilities Received 2 Coordinated Disclosure badges
gettransfer.com	2 hours	27.11.2019	Auntor Helped patch 38 vulnerabilities Received 4 Coordinated Disclosure badges Received 1 recommendations
cnpweb.schools.uta...	2 hours	08.02.2020	Broly157 Helped patch 1013 vulnerabilities Received 8 Coordinated Disclosure badges Received 7 recommendations
testmy.net	2 hours	02.08.2019	rajesh_app... Helped patch 76 vulnerabilities Received 4 Coordinated Disclosure badges Received 12 recommendations
daad.de	3 hours	09.09.2019	BADboy17 Helped patch 59 vulnerabilities Received 3 Coordinated Disclosure badges Received 3 recommendations
britannica.com	3 hours	05.12.2019	shafique_W... Helped patch 15 vulnerabilities Received 2 Coordinated Disclosure badges
rss.23.gs	3 hours	20.02.2020	melbadry9 Helped patch 1 vulnerabilities Received 1 Coordinated Disclosure badges

Top Alexa Rank Websites

Website	Status	Reported by
baidu.com	patched	SohelPathan6411 Helped patch 38 vulnerabilities Received 2 Coordinated Disclosure badges Received 3 recommendations
amazon.com	patched	MLT Helped patch 2021 vulnerabilities Received 8 Coordinated Disclosure badges Received 1 recommendations
linkedin.com	patched	Brute Helped patch 1377 vulnerabilities Received 11 Coordinated Disclosure badges
ebay.com	patched	MLT Helped patch 2021 vulnerabilities Received 8 Coordinated Disclosure badges Received 1 recommendations
yandex.ru	patched	Alyssa_Herrera Helped patch 1124 vulnerabilities Received 8 Coordinated Disclosure badges
microsoft.com	patched	ftLoic Helped patch 95 vulnerabilities Received 3 Coordinated Disclosure badges Received 2 recommendations
ask.com	patched	B4rt Helped patch 229 vulnerabilities Received 6 Coordinated Disclosure badges
imgur.com	patched	MLT Helped patch 2021 vulnerabilities Received 8 Coordinated Disclosure badges Received 1 recommendations
imdb.com	patched	Glubz Helped patch 132 vulnerabilities Received 6 Coordinated Disclosure badges

Top Google PR Websites

Website	Status	Reported by
usa.gov	patched	Angelo Helped patch 428 vulnerabilities Received 5 Coordinated Disclosure badges
addthis.com	patched	dim0k Helped patch 3602 vulnerabilities Received 10 Coordinated Disclosure badges Received 21 recommendations
universitas21.com	patched	dim0k Helped patch 3602 vulnerabilities Received 10 Coordinated Disclosure badges Received 21 recommendations
eua.be	patched	dim0k Helped patch 3602 vulnerabilities Received 10 Coordinated Disclosure badges Received 21 recommendations
nsf.gov	patched	Kenan Helped patch 2160 vulnerabilities Received 8 Coordinated Disclosure badges Received 6 recommendations
jstor.org	patched	Yadnyawalkya_Tale Helped patch 331 vulnerabilities Received 4 Coordinated Disclosure badges
api.weibo.com	patched	Spam404 Helped patch 16363 vulnerabilities Received 11 Coordinated Disclosure badges Received 69 recommendations
bne.es	patched	Guitch404 Helped patch 1106 vulnerabilities Received 8 Coordinated Disclosure badges
ec.europa.eu	patched	Angelo Helped patch 428 vulnerabilities Received 5 Coordinated Disclosure badges

Making Web a Safer Place

Coordinated & Responsible Disclosure

Based on ISO 29147 Guidelines

Terms & Privacy
2019 © OpenBugBounty