Infosec Institute

Open Bug Bounty mentioned in the
Top 6 Bug Bounty programs of
2022 by the InfoSec Institute

The Hacker News

Open Bug Bounty named among the
Top 5 Bug Bounty programs of 2021
by The Hacker News

Platform update: please use our new authentication mechanism to securely use the Open Bug Bounty Platform.
For security researchers
Report a Vulnerability
Submit, help fixing, get kudos.
For website owners
Start a Bug Bounty
Run your bounty program for free.
1,709,227 coordinated disclosures
1,357,596 fixed vulnerabilities
1,980 bug bounty programs, 3,897 websites
46,091 researchers, 1,643 honor badges

Akkedeer Bug Bounty Program

Akkedeer runs a bug bounty program to ensure the highest security and privacy of its websites. Everyone is eligible to participate in the program subject to the below-mentioned conditions and requirements of Akkedeer

Open Bug Bounty performs triage and verification of the submissions. However, we never intervene to the further process of vulnerability remediation and disclosure between Akkedeer and researchers.

Bug bounty program allow private submissions only.

Bug Bounty Scope

The following websites are within the scope of the program:

*.akkedeer.com
*.altijdthuis.nl

Non-Intrusive Submissions Handling

The following section encompasses submission of the vulnerabilities that do not require intrusive testing as per Open Bug Bounty rules:

- Cross Site Scripting (XSS)
- Open Redirect

- Cross Site Request Forgery (CSRF)
- Improper Access Control

General Requirements:

exclusion of CSRF

Testing Requirements:

non intrusive methodologies. No data changes permitted.

Possible Awards:

recommendation in researcher's profile,
mention in a Hall of Fame,
small bounties like books, HW boards, software, small payments

Special Notes:

Thanks in advance to inform us about any vulnerabilities.
We are a small startup company and don't have big pockets.

Other Submissions Handling

Website owner want to receive information about other vulnerabilities

Notifications:

please email [email protected]. Email can be encrypted with PGP.

PGP Key:

Show key

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBF1VKAsBEADB0HhOiT/21uej9no+A7r+UB+0OB9PezBU9hUFEEl+rYMYt+T4
8FepYrrXhhg7q3U9KoC5C/Lcp9CQV78TBmEQcYL0LoI/J653qLPBiutlwHH5hAdr
sxHkG9d/5o/v5PXMpOerx4GYR5ZAh7/foVov0pAwuhJO2tOuTeMh53656Qj4wLVy
X5jPDwWiV3jMGIrhPq2Q4kH78Jp2VXOchn/99DKEx6Jf1Zs72Vg9A9qmgscujhuE
1QsfF2WMJsnMdDRi/w3Bc8DV3bLf8+UfellQ6ynxlypoAQTlAex3mHDOnlOHfz28
spxBAM2rU+z7wALxSfIXiJ/1SKx7XsgNe78AZhy2D/ZTA1xGcvFAyu2pIX24kNj+
sIrNlDC2EgzaVCi2fyLWcuMj8iRkRIfBlMgVTOUH+WDu5iKJicBkvY4+iW0MNwA3
mab3HRHhTG/HMggEp2OeXeZs5Lrs1N7YZE5Y8cQWwgWyxofZbOmnWK3NMXict0H4
pKzEgKVUMsh0oIvdLI0Zb6haarL/ASzQrsPpHa5eB1119XUbG+6IKB861ZcpOXsr
GsZ6mxlu9vNp3hBEby+s1UhZZOoyKfR2REu6r29pG9avM5NX4Cdrc2suHRJOvnzr
LYJHi6NxVUaLIkbQJiQgZJHk9IdAHD+ABuJoURIhQF7qRutBAyxTJHw0LQARAQAB
tCFEYXZlIEhlbGxpbmdzIDxkYXZlQGFra2VkZWVyLmNvbT6JAjUEEAEIAB8FAl1V
KAsGCwkHCAMCBBUICgIDFgIBAhkBAhsDAh4BAAoJELnOCDj9RqHzJWsQAJp/HHb3
BzJ6y+O2eHMmyhrWUMT367FS84gzAUgn/M4f2tVNM95c++NnlbboPlzgAn9VIYLi
bPqB4tM5/C4hkDq1lbwM4VB/PG/MD3Zf+g+nQZlTeWGX3VCKBPwukHMpmWCUkCYE
V2EVyT/thAC/Vh+B1a0m2/EH3jeHTDRclsvLK5qKz1bz5GcYogZe788v1lVR1WiL
30IPQMZ9xN9iVCGPBjfOa5LXA2fB9BJN/Rdptjp1Z7pYisszmQwdtBqsjCaBvpCO
Sbcqa9NGXK97Nb64SNkHeHU0mqMBwPc51+d/Exu2+iUUwWJO+gScRdz11/TTqBPS
ZXcbIF8B6IWnH+lrXIzSlcgmLF2umvO0OzxCFd4z0wOXpGGn0QSo5yjHady1JK6S
PdZVR+H9pqxWoYNnr5L11pDyq9ABOyF67l70OtHftrKJ0txTQDv6IEkVw2su0I+f
WlDfUfdLl/BRyUWwHpNO7hDAjRajIOf6hUDZLugFNHxWGWNLUHqAqVUSPymnDyb+
3AhhnB5uclliAWHSYzR7Up7kyWoFIX3n2q3VZbt1QBkV5A/05IG1tIWBYrNvSglt
/oxSQbIvSvS4RLlGXkERBge0QYZkf2ymrd0xSue2ydgxKt7XQCEChe6muAhGKM+t
QRMI/MDWPoAgGW0o72G0JkRDA1pG9B2h4iVnuQINBF1VKAsBEADCZAj7+9J5MIeI
6SjoSaLFUKKTYUN3haZsvmdtZMqgSow2908Ja1vPCdTaLHSXYigZIn9CFqd7RQhQ
xeON2FEiXrNpCX7KKR/X24dwjK6E2VmjQDpqfOkpPd/WiiC4/ZLOCr1jYDAZl6LM
dFZqLuKzumb9R0Q3V4j7IA+NsWJynMdaRTdhesjGY7ZDkGfKMI1gh8eF8CylnmXh
eaLZGHdGOg3rUbng2bMmNmWfMScYS8DHm5ziiV6CH/uTi3MIFn8Kqzz4XukPWsM0
bYTz9lv+rCALrC7yLajj18dXZV3GNqG/7uHFeC4fAYiiP+n+GvRR0nohEzADTD7G
hF4XqL+Gya369TF8wpqGty57aUmCVw/4/LCZh7slbl9sBBzr+SXVXoec1rwIOAnx
7xsSZcP26deDWnIBeGKQYnQ7cau40xVzMRdmg/SMA5sc0FgSmLcrTl+4f9ZeRwfU
cEU83pf0kQC2BIZO6Khx4kDuIsmAzH23iSKe6lsFv6tKrHQ2yS+GNycf6z7LNQep
Ah57Lb89haiSBt2R5fK66LUBbmS3Rp02N5F2yenLU6NRptod0Dh0A/A0IQH4Lv6w
/uWwbpJF8W0NHwxKETsHsnLPRFa2clLNl1ngFnM2K45Gczyfeyup0+uQgCcIkFyr
4k5AJ4Vb2axLkz3ij0C4pYntn63ZdwARAQABiQIfBBgBCAAJBQJdVSgLAhsMAAoJ
ELnOCDj9RqHz8QMP/il/ky/W8uUuf6yKB26WdQoiFH6RiqjxvFzRwcAPGNxgoTo0
4Ls35ZpjqAC+SmVUPcMTYO8UWHwD0TGzVSVtTQoMdXjCAj0wjpMQA+aeFXKeA/qw
ngwywIKUly8tMqZvYuVrvvtNk8/DORqueTFzWIZS5+9vybqrknRtAvGmiMOru6+P
7qjN6ldAetouKoH6yF+Van719SMy9y/rnhmizxJAKAPSjthwqup1Y5WYmMrlLd5V
7aGU6EgnI3iK0U6el72cNdZdOzHsGIDqRcwIJle4eDYgGgobVi+PD1dlgKjNCLJD
0O6iAoNayBMnEsUynnQzBNxfNpjBlqihEzqdcNPSGUOfZ4JExKWw/HtOu30sy7vr
8LjPEgDylf6VZeK9DlzyAudAYU3osYZQCgWLNhycl8lAmgKkONkpTQ1DgJEPTJ2D
e0zOGJs5oPli03+lqEMW+PUDwWf4AtNsdPtVODSadPVBZP7oduWetmGvG2A2Ifdm
KsbZKMxHB3FpsCGoPBtmqGhV+uAKlv+N5zB08MuM8yOxLR0z3P1LwDlNRc2ncwlZ
q/4zGtFybPp27eWtLvz8LbgBxp7XdfEg2jNj4A2ZWaspChVfMz4rj3fKVyCz4fHB
e+IB730fYggZBUtJIIXVE2mbwHk7rLZ8OnV2SiocQaBSsxnglYnJhL+N+Lb3
=9rog
-----END PGP PUBLIC KEY BLOCK-----

General Requirements:

exclusion of CSRF

Testing Requirements:

non intrusive methodologies. No data changes permitted.

Possible Awards:

recommendation in researcher's profile,
mention in a Hall of Fame,
small bounties like books, HW boards, software

Special Notes:

Thanks in advance to inform us about any vulnerabilities.
We are a small startup company and don't have big pockets.

Community Rating

Provided by security researchers who reported security vulnerabilities via this bug bounty program:

 
Response Time  Information How quickly researchers get responses to their submissions.
Remediation Time  Information How quickly reported submissions are fixed.
Cooperation and Respect  Information How fairly and respectfully researchers are being treated.

Researcher's comments

No comments so far.

  Latest Patched

 28.03.2024 jarchi.me
 28.03.2024 auctionbidding.fcc.gov
 28.03.2024 moodle.wns.gov.il
 28.03.2024 th.adi.gov.il
 28.03.2024 montague-ma.gov
 28.03.2024 aparecida.sp.gov.br
 27.03.2024 nccupress.nccu.edu.tw
 26.03.2024 schedule.cc.nih.gov
 26.03.2024 floraargentina.edu.ar

  Latest Blog Posts

04.12.2023 by BAx99x
Unmasking the Power of Cross-Site Scripting (XSS): Types, Exploitation, Detection, and Tools
04.12.2023 by a13h1_
$1120: ATO Bug in Twitter’s
04.12.2023 by ClumsyLulz
How I found a Zero Day in W3 Schools
04.12.2023 by 24bkdoor
Hack the Web like a Pirate: Identifying Vulnerabilities with Style
04.12.2023 by 24bkdoor
Navigating the Bounty Seas with Open Bug Bounty

  Recent Recommendations

    20 March, 2024
    TechVitaverdura:
Great exchanges with this person, thank you for your help and your report
    20 March, 2024
    Mek:
He reported some vulnerabilities and oversights of security best practices on my small private project web page.
Was responsive to e-mail, unlike many other people, so yes, I can recommend him.
    20 March, 2024
    ztwo79:
We would like to thank Pooja for responsibly disclosing a Cross-Site Scripting (XSS) vulnerability in our website. Her prompt reporting and assistance in developing a fix were instrumental in ensuring the security of our users.
    16 March, 2024
    TorutheRedFox:
Thanks for the help with the XSS vulnerability. It was a quick fix.
    15 March, 2024
    adesignguy:
Reported an XSS vulnerability which was helpful and much appreciated. I have patched it now as soon as I saw the email which was forwarded onto me!