Security Warning – External Emails

Platform update: please use our new authentication mechanism to securely use the Open Bug Bounty Platform.

For Researchers

Frequently Asked Questions Read the FAQ to get best experience with our platform	Write a Blog Post Write a blog post to share your knowledge and get kudos
Browse Bug Bounty Programs Browse active bug bounty programs run by website owners	Report a Vulnerability Report and help remediate a vulnerability found on any website

How it Works

Download presentation and learn
how our platform works

PDF, 500kb

For Website Owners

FAQ: For Website Owners Start here to ensure smooth collaboration with the security researchers	Start a Bug Bounty Start your bug bounty program at no cost and leverage crowd-security testing
FAQ: For Bug Bounty Owners Read how to maximize your ROI from crowd-security testing

How it Works

Download presentation and learn
how our platform works

PDF, 500kb

About

About the Project Read about Open Bug Bounty history, values and mission	API Request National CERTs and law enforcement agencies may request our API
Frequently Asked Questions Review the most popular questions about the project	Contact Us Get in touch

How it Works

Download presentation and learn
how our platform works

PDF, 500kb

Hall of Fame
Forum

Security Warning – External Emails

Dear Reader,

We are aware of the fake emails periodically sent from typo-squatted or cyber-squatted domains imitating the Open Bug Bounty project.

Please note that all genuine emails sent by the Open Bug Bounty project are always (i) digitally signed, and (ii) are sent only from the openbugbounty.org domain.

Any other domains, or emails sent from them, have no affiliation whatsoever with the Open Bug Bounty project. The fake emails usually contain false information about the vulnerabilities on your website – that in reality do not exist – and an invitation to contact the “researcher” directly for details.

If you receive a fake email, please:

Ignore the impersonating email. Do not reply to scammers.
Report the squatted domains, which are used to send the fake emails, to domain registrars.
Get in touch with us may you need help or have information that may help unmask the charlatans.

Sincerely,

Open Bug Bounty Team