API for CERTs

For Researchers

Twitter Login		HOW IT WORKS Download presentation and learn how our service works PDF, 1MB
Report a Vulnerability
Browse Bug Bounty Programs
Write a Blog Post
Ask a Question

For Owners

Start a Bug Bounty		HOW IT WORKS Download presentation and learn how our service works PDF, 1MB
Ask a Question
API

Hall of Fame

Top Security Researchers

Acknowledgements
About

  About the Project

  Latest Reports

  Contact Us
Forum
Blog

To promote coordinated and responsible disclosure enabled by Open Bug Bounty non-profit project, we provide national and private (subject to qualification) CERTs with a free API to search our databases and get alerts on new submissions affecting any domain.

We do not provide any vulnerability details (that belong to the security researchers) unless they are publicly disclosed via the API.

Upon request, we can also try to put your in contact with a researcher to facilitate coordinate disclosure and vulnerability remediation.

Request API access

Latest Patched

18.01.2020 bids.franklincountyohio.gov

18.01.2020 li-public.fmcsa.dot.gov

18.01.2020 petitions.fr...untyohio.gov

18.01.2020 apps.franklincountyohio.gov

17.01.2020 legis.iowa.gov

17.01.2020 freeads.co.uk

17.01.2020 smartbox.com

17.01.2020 catalog.usmint.gov

17.01.2020 riversideca.gov

17.01.2020 reservations.lacounty.gov

Latest Blog Posts

16.01.2020 by Open Bug Bounty
Brief Recap of Open Bug Bounty’s Record Growth in 2019

12.01.2020 by JCQ_47
WAF Cloudflare Bypass XSS at Nexusmods.com

08.01.2020 by devl00p
Top 100 Open Redirect dorks

08.01.2020 by Rando02355205
XSS WAF Bypassed

31.12.2019 by Open Bug Bounty
Happy bug hunting in 2020, let’s make Web secure with Open Bug Bounty!

Recent Recommendations

17 January, 2020

gexsi_search:

Many thanks for your support!

17 January, 2020

smay84:

Thank you for your quick response and helpful information.

17 January, 2020

RohitIn20189381:

Great job on finding that XSS.

17 January, 2020

uniteddomains:

Miguel helped us to identify several bugs in our wordpress instances. His reports were sufficiently detailed and communication was flawless and fast. Thank you very much!

16 January, 2020

UwTableau:

Thank you to Pankaj Thakur. Because of their vulnerability report, we were able to resolve a vulnerability in a timely manner, and his willingness to respond to followup is GREATLY appreciated.

Making Web a Safer Place

Coordinated & Responsible Disclosure

Based on ISO 29147 Guidelines