Open Bug Bounty selected among the
Top 5 Bug Bounty programs to watch
in 2021 by The Hacker News

For security researchers
Report a Vulnerability
Submit, help fixing, get kudos.
For website owners
Start a Bug Bounty
Run your bounty program for free.
956,756 coordinated disclosures
601,539 fixed vulnerabilities
1,318 bug bounty programs, 2,629 websites
22,660 researchers, 1,302 honor badges

Hedgehog Security Bug Bounty Program

Hedgehog Security runs a bug bounty program to ensure the highest security and privacy of its websites. Everyone is eligible to participate in the program subject to the below-mentioned conditions and requirements of Hedgehog Security

Open Bug Bounty performs triage and verification of the submissions. However, we never intervene to the further process of vulnerability remediation and disclosure between Hedgehog Security and researchers.

Bug bounty program allow private and public submissions.

Bug Bounty Scope

The following websites are within the scope of the program:

secure.hedgehogsecurity.com

Non-Intrusive Submissions Handling

The following section encompasses submission of the vulnerabilities that do not require intrusive testing as per Open Bug Bounty rules:

- Cross Site Scripting (XSS)
- Open Redirect

- Cross Site Request Forgery (CSRF)
- Improper Access Control

General Requirements:

Whilst we can’t wait to see what you will find, please take care when testing! We want you to have as much freedom as possible to test how you see fit but naturally if a service went down, alarm bells start ringing!

Reporting is super important to us! When you submit your report please include as much information as possible. That way we can narrow things down a lot quicker and get you rewarded faster. Also, even worse if it’s not clear in the report, it could be marked as a non-issue which isn’t fun for anyone!

Testing Requirements:

No use of mass vulnerability scanners.
No Denial of Service testing

Possible Awards:

Depending on the level of risk posed by the vulnerability found, your reward may be swap, awesome swag or cash.

Community Rating

Provided by security researchers who reported security vulnerabilities via this bug bounty program:

 
Response Time  Information How quickly researchers get responses to their submissions.
Remediation Time  Information How quickly reported submissions are fixed.
Cooperation and Respect  Information How fairly and respectfully researchers are being treated.

Researcher's comments

No comments so far.

  Latest Patched

 07.05.2021 baliza.go.gov.br
 07.05.2021 pequizeiro.to.gov.br
 07.05.2021 castanheiras.ro.gov.br
 07.05.2021 huji.ac.il
 07.05.2021 www6.caixa.gov.br
 07.05.2021 nasatheme.com
 07.05.2021 itaipulandia.pr.gov.br
 07.05.2021 detran.rr.gov.br

  Latest Blog Posts

25.04.2021 by ParanjpeSanmarg
Testing Subdomain Takeover Vulnerability
11.04.2021 by Open Bug Bounty
Better Notifications Mechanism
28.03.2021 by febin_rev
Windows Stack Buffer Overflow in a real life app — Exploit development — CloudMe_1.11.2 Buffer Overflow-CVE-2018–6892
10.02.2021 by Renzi25031469
Sysadminotaur nº88
10.02.2021 by Open Bug Bounty
Higher Submissions Quality Standard

  Recent Recommendations

@obb20210429     6 May, 2021
    Twitter obb20210429:
Thanks for a quick and useful report that helped us find and resolve the issue.
@MrGviana     6 May, 2021
    Twitter MrGviana:
Ricardo, thank you for reporting vulnerabilities and helping me to solve them.
@aguiar_security     6 May, 2021
    Twitter aguiar_security:
Hey Ricardo, thanks for helping us :)
@aguiar_security     6 May, 2021
    Twitter aguiar_security:
Hey Ricardo, thanks for helping us :)
@_Kkommi     6 May, 2021
    Twitter _Kkommi:
Thank you for letting us know about the issue and helping to make the web a safer place