{"id":13492452,"url":"https://github.com/djadmin/awesome-bug-bounty","last_synced_at":"2026-01-27T17:35:34.878Z","repository":{"id":37925553,"uuid":"51669870","full_name":"djadmin/awesome-bug-bounty","owner":"djadmin","description":"A comprehensive curated list of available Bug Bounty \u0026 Disclosure Programs and Write-ups.","archived":false,"fork":false,"pushed_at":"2024-01-15T15:26:26.000Z","size":195,"stargazers_count":4403,"open_issues_count":13,"forks_count":899,"subscribers_count":289,"default_branch":"master","last_synced_at":"2024-05-22T08:10:45.253Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc0-1.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/djadmin.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"contributing.md","funding":null,"license":"LICENSE","code_of_conduct":"code-of-conduct.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2016-02-13T23:00:35.000Z","updated_at":"2024-05-21T05:03:15.000Z","dependencies_parsed_at":"2024-04-13T22:42:30.724Z","dependency_job_id":"9c914c54-84f6-4e37-8eb3-ebb2fb5873c6","html_url":"https://github.com/djadmin/awesome-bug-bounty","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/djadmin%2Fawesome-bug-bounty","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/djadmin%2Fawesome-bug-bounty/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/djadmin%2Fawesome-bug-bounty/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/djadmin%2Fawesome-bug-bounty/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/djadmin","download_url":"https://codeload.github.com/djadmin/awesome-bug-bounty/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245394767,"owners_count":20608123,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T19:01:06.215Z","updated_at":"2026-01-27T17:35:34.828Z","avatar_url":"https://github.com/djadmin.png","language":null,"funding_links":["https://www.paypal.com/bugbounty/register"],"categories":["Miscellaneous","Others","\u003ca id=\"a4ee2f4d4a944b54b2246c72c037cd2e\"\u003e\u003c/a\u003e收集\u0026\u0026集合","Bug Bounty","Awesome Repositories","Security","Table of Contents","Others (1002)","其他_安全与渗透","🍫 Bug bounty","[↑](#-content) 📖 Learning","\u003ca id=\"e97d183e67fa3f530e7d0e7e8c33ee62\"\u003e\u003c/a\u003e未分类","Uncategorized","\u003ca id=\"8c5a692b5d26527ef346687e047c5c21\"\u003e\u003c/a\u003e收集","Other Lists","📘 Valuable Repositories","Security \u0026 Hacking","BUG BOUNTY / SECURITY RESEARCH","Pentesting","Here is a collection of hackers, pentesters, security researchers, scripts and more:","Programming/Comp Sci/SE Things","Learn"],"sub_categories":["ModSecurity / OWASP ModSecurity Core Rule Set","\u003ca id=\"e97d183e67fa3f530e7d0e7e8c33ee62\"\u003e\u003c/a\u003e未分类","Other Sources","Awesome Repositories","网络服务_其他","[↑](#-content) 📙 Open-Source Repositories","\u003ca id=\"f110da0bf67359d3abc62b27d717e55e\"\u003e\u003c/a\u003e新添加的","Uncategorized","TeX Lists","Bug Bounty Resources","Payloads","Bug Bounty Stuff","Miscellaneous"],"readme":"# Awesome Bug Bounty [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)\nA comprehensive curated list of Bug Bounty Programs and write-ups from the Bug Bounty hunters.\n\n## Table of Contents\n- [Getting Started](#getting-started)\n- [Write Ups \u0026 Authors](#write-ups--authors)\n- [Platforms](#platforms)\n- [Available Programs](#available-programs)\n- [Contribution guide](contributing.md)\n\n### Getting Started\n- [How to Become a Successful Bug Bounty Hunter](https://hackerone.com/blog/what-great-hackers-share)\n- [Researcher Resources - How to become a Bug Bounty Hunter](https://forum.bugcrowd.com/t/researcher-resources-how-to-become-a-bug-bounty-hunter/1102)\n- [Bug Bounties 101](https://whitton.io/articles/bug-bounties-101-getting-started/)\n- [The life of a bug bounty hunter](http://www.alphr.com/features/378577/q-a-the-life-of-a-bug-bounty-hunter)\n- [Awsome list of bugbounty cheatsheets](https://github.com/EdOverflow/bugbounty-cheatsheet)\n- [Getting Started - Bug Bounty Hunter Methodology](https://www.bugcrowd.com/blog/getting-started-bug-bounty-hunter-methodology)\n\n### Write Ups \u0026 Authors\n- [sakurity.com/blog](http://sakurity.com/blog)  -  by [Egor Homakov](https://twitter.com/homakov)\n- [respectxss.blogspot.in](http://respectxss.blogspot.in/)  -  by [Ashar Javed](https://twitter.com/soaj1664ashar)\n- [labs.detectify.com](http://labs.detectify.com/)  -  by [Frans Rosén](https://twitter.com/fransrosen)\n- [cliffordtrigo.info](https://www.cliffordtrigo.info/)  -  by [Clifford Trigo](https://twitter.com/MrTrizaeron)\n- [stephensclafani.com](http://stephensclafani.com/)  -  by [Stephen Sclafani](https://twitter.com/Stephen)\n- [sasi2103.blogspot.co.il](http://sasi2103.blogspot.co.il/)  -  by [Sasi Levi](https://twitter.com/sasi2103)\n- [pwnsecurity.net](http://www.pwnsecurity.net/)  -  by [Shashank](https://twitter.com/cyberboyIndia)\n- [breaksec.com](https://www.breaksec.com/)  -  by [Nir Goldshlager](https://twitter.com/Nirgoldshlager)\n- [pwndizzle.blogspot.in](http://pwndizzle.blogspot.in/)  -  by [Alex Davies](https://twitter.com/pwndizzle)\n- [c0rni3sm.blogspot.in](http://c0rni3sm.blogspot.in/)  -  by [yappare](https://twitter.com/yappare)\n- [exploit.co.il/blog](http://exploit.co.il/blog/)  -  by [Shai rod](https://twitter.com/NightRang3r)\n- [ibreak.software](https://ibreak.software/)  -  by [Riyaz Ahemed Walikar](https://twitter.com/riyazwalikar)\n- [panchocosil.blogspot.in](http://panchocosil.blogspot.in/)  -  by [Francisco Correa](https://twitter.com/@panchocosil)\n- [breakingmesh.blogspot.in](http://breakingmesh.blogspot.in/)  -  by [Sahil Sehgal](https://twitter.com/xXSehgalXx)\n- [websecresearch.com](http://www.websecresearch.com/)  -  by [ Ajay Singh Negi](https://twitter.com/ajaysinghnegi)\n- [securitylearn.net](http://www.securitylearn.net/about/)  -  by [Satish Bommisetty](https://twitter.com/satishb3)\n- [secinfinity.net](http://www.secinfinity.net/)  -  by Prakash Sharma\n- [websecuritylog.com](http://www.websecuritylog.com/)  -  by [jitendra jaiswal](https://twitter.com/jeetjaiswal22)\n- [medium.com/@ajdumanhug](https://medium.com/@ajdumanhug) - by [Allan Jay Dumanhug](https://www.twitter.com/ajdumanhug)\n- [Web Hacking 101](https://leanpub.com/web-hacking-101) - by [Peter Yaworski](https://twitter.com/yaworsk)\n\n\n### Platforms\n- [YesWeHack](https://yeswehack.com/)\n- [intigriti](https://intigriti.com/)\n- [HackerOne](https://hackerone.com/)\n- [Bugcrowd](https://bugcrowd.com/)\n- [Cobalt](https://cobalt.io/)\n- [Bountysource](https://www.bountysource.com/)\n- [Bounty Factory](https://bountyfactory.io/)\n- [Coder Bounty](http://www.coderbounty.com/)\n- [FreedomSponsors](https://freedomsponsors.org/)\n- [FOSS Factory](http://www.fossfactory.org/)\n- [Synack](https://www.synack.com/)\n- [HackenProof](https://hackenproof.com/)\n- [Detectify](https://cs.detectify.com/)\n- [Bugbountyjp](https://bugbounty.jp/)\n- [Safehats](https://safehats.com/)\n- [BugbountyHQ](https://www.bugbountyhq.com/)\n- [Hackerhive](https://hackerhive.io/)\n- [Hacktrophy](https://hacktrophy.com/)\n- [AntiHACK](https://www.antihack.me/)\n- [CESPPA](https://www.cesppa.com/)\n\n### Available Programs\n- [123Contact Form](http://www.123contactform.com/security-acknowledgements.htm)\n- [99designs](https://hackerone.com/99designs)\n- [Abacus](https://bugcrowd.com/abacus)\n- [Acquia](mailto:security@acquia.com)\n- [ActiveCampaign](mailto:security@activecampaign.com)\n- [ActiveProspect](mailto:security@activeprospect.com)\n- [Adobe](https://hackerone.com/adobe)\n- [AeroFS](mailto:security@aerofs.com)\n- [Airbitz](https://cobalt.io/airbitz)\n- [Airbnb](https://hackerone.com/airbnb)\n- [Algolia](https://hackerone.com/algolia)\n- [Altervista](http://en.altervista.org/feedback.php?who=feedback)\n- [Altroconsumo](https://go.intigriti.com/altroconsumo)\n- [Amara](mailto:security@amara.org)\n- [Amazon Web Services](mailto:aws-security@amazon.com)\n- [Amazon.com](mailto:security@amazon.com)\n- [ANCILE Solutions Inc.](https://bugcrowd.com/ancile)\n- [Anghami](https://hackerone.com/anghami)\n- [ANXBTC](https://cobalt.io/anxbtc)\n- [Apache httpd](https://hackerone.com/ibb-apache)\n- [Appcelerator](mailto:Infosec@appcelerator.com)\n- [Apple](mailto:product-security@apple.com)\n- [Apptentive](https://www.apptentive.com/contact)\n- [Aptible](mailto:security@aptible.com)\n- [Ardour](http://tracker.ardour.org/my_view_page.php)\n- [Arkane](https://go.intigriti.com/arkanenetwork)\n- [ARM mbed](mailto:whitehat@polarssl.org)\n- [Asana](mailto:security@asana.com)\n- [ASP4all](mailto:support@asp4all.nl)\n- [AT\u0026T](https://bugbounty.att.com/bugform.php)\n- [Atlassian](https://securitysd.atlassian.net/servicedesk/customer/portal/2)\n- [Attack-Secure](mailto:admin@attack-secure.com)\n- [Authy](mailto:security@authy.com)\n- [Automattic](https://hackerone.com/automattic)\n- [Avast!](mailto:bugs@avast.com)\n- [Avira](mailto:vulnerabilities@avira.com)\n- [AwardWallet](https://cobalt.io/awardwallet)\n- [Badoo](https://corp.badoo.com/en/security/#send_bid)\n- [Barracuda](https://bugcrowd.com/barracuda)\n- [Base](https://go.intigriti.com/base)\n- [Basecamp](mailto:security@basecamp.com)\n- [Beanstalk](https://wildbit.wufoo.com/forms/wildbit-security-response)\n- [BillGuard](https://cobalt.io/billguard)\n- [Billys Billing](https://cobalt.io/billys-billing)\n- [Binary.com](https://hackerone.com/binary)\n- [Binary.com Cashier](https://hackerone.com/binary_cashier)\n- [BitBandit.eu](https://cobalt.io/bitbandit-eu)\n- [Bitcasa](mailto:security@bitcasa.com)\n- [BitCasino](https://cobalt.io/bitcasino)\n- [BitGo](https://cobalt.io/bitgo)\n- [BitHealth](https://cobalt.io/bithealth)\n- [BitHunt](https://hackerone.com/bithunt)\n- [BitMEX](https://cobalt.io/bitmex)\n- [Bitoasis](https://cobalt.io/bitoasis)\n- [Bitpagos](https://cobalt.io/bitpagos)\n- [Bitrated](https://cobalt.io/bitrated)\n- [Bitreserve](https://cobalt.io/bitreserve)\n- [Bitspark](https://cobalt.io/bitspark)\n- [Bitwage](https://cobalt.io/bitwage)\n- [BitWall](mailto:request@bitwall.io)\n- [BitYes](https://cobalt.io/bityes)\n- [BlackBerry](https://global.blackberry.com/secure/report-an-issue/en.html)\n- [Blackboard](mailto:learnsecurity@blackboard.com)\n- [Blackphone](https://bugcrowd.com/blackphone)\n- [Blesta](mailto:security@blesta.com)\n- [Block.io](https://hackerone.com/blockio)\n- [Block.io, Inc.](https://cobalt.io/block-io-inc)\n- [Blockchain.info](https://cobalt.io/blockchain-info)\n- [BlockScore](https://cobalt.io/blockscore)\n- [Bookfresh](https://hackerone.com/bookfresh)\n- [Box](mailto:security-reports@box.com)\n- [Braintree](mailto:security@braintreepayments.com)\n- [Brussels Airlines](https://go.intigriti.com/brusselsairlines)\n- [BTC_sx](https://cobalt.io/btc-sx)\n- [Buffer](mailto:security@bufferapp.com)\n- [BX.in.th](https://cobalt.io/bx-in-th)\n- [C2FO](https://hackerone.com/c2fo)\n- [Campaign Monitor](https://help.campaignmonitor.com/contact)\n- [CARD.com](https://bugcrowd.com/card)\n- [Catchafire](https://cobalt.io/catchafire)\n- [Caviar](https://hackerone.com/caviar)\n- [CCBill](mailto:bugrewards@ccbill.com)\n- [CERT/CC](https://hackerone.com/cert)\n- [Certly](https://hackerone.com/certly)\n- [ChainPay](https://cobalt.io/chainpay)\n- [ChangeTip](https://cobalt.io/changetip)\n- [Chargify](https://bugcrowd.com/chargify)\n- [Chromium Project](https://code.google.com/p/chromium/issues/entry?template=Security%20Bug)\n- [Circle](https://cobalt.io/circle)\n- [CircleCI](mailto:security@circleci.com)\n- [Cisco](http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html#roosfassv)\n- [ClickUp](https://clickup.com/bug-bounty)\n- [Clojars](mailto:contact@clojars.org)\n- [CloudFlare](https://hackerone.com/cloudflare)\n- [Cobalt](https://cobalt.io/cobalt)\n- [Code Climate](mailto:security@codeclimate.com)\n- [CodeIgniter](https://hackerone.com/codeigniter)\n- [CodePen](https://bugcrowd.com/codepen)\n- [Coin Republic](https://cobalt.io/coin-republic)\n- [Coin.Space](https://hackerone.com/coinspace)\n- [Coinage](https://cobalt.io/coinage)\n- [Coinbase](https://hackerone.com/coinbase)\n- [CoinDaddy](https://cobalt.io/coindaddy)\n- [Coinkite](mailto:feedback@coinkite.com?subject=%5BVulnerability%5D%20-%20)\n- [Coinport](https://cobalt.io/coinport)\n- [coins.ph](https://cobalt.io/coins-ph)\n- [Cointrader.net](https://cobalt.io/cointrader-net)\n- [Coinvoy](https://cobalt.io/coinvoy)\n- [Collishop](https://go.intigriti.com/collishop)\n- [Colruyt](https://go.intigriti.com/colruyt)\n- [Compose](mailto:security@compose.io)\n- [concrete5](https://hackerone.com/concrete5)\n- [Constant Contact](mailto:vulnerability@constantcontact.com)\n- [Counterparty](https://cobalt.io/counterparty)\n- [Coupa](mailto:security@coupa.com)\n- [Coursera](https://hackerone.com/coursera)\n- [cPanel](mailto:security@cpanel.net)\n- [cPaperless](mailto:support@cPaperless.com)\n- [Crix.io](https://cobalt.io/crixio)\n- [Cross Border Fines](https://go.intigriti.com/crossborderfines)\n- [CrowdShield](https://crowdshield.com/bug-bounty-list.php?bug_bounty_program=crowdshield)\n- [Cryptocat](https://github.com/cryptocat/cryptocat/issues)\n- [Cupcake](mailto:security@cupcake.io)\n- [CustomerInsight](mailto:admin@customerinsight.ca)\n- [Cylance](https://hackerone.com/cylance)\n- [Dato Capital](mailto:security%40datocapital.com)\n- [Detectify](mailto:disclosure@detectify.com)\n- [De Volkskrant](https://go.intigriti.com/devolkskrant)\n- [Delen Private Bank](https://go.intigriti.com/delen)\n- [DigitalOcean](mailto:security@digitalocean.com)\n- [DigitalSellz](https://hackerone.com/digitalsellz)\n- [Django](https://hackerone.com/django)\n- [Doorkeeper](mailto:info@doorkeeper.jp)\n- [DoSomething](https://cobalt.io/dosomething)\n- [DPD](mailto:security@dpd.zendesk.com)\n- [Dragon King](https://hackenproof.com/neverdie/dragon-king)\n- [Dreambaby](https://go.intigriti.com/dreamland)\n- [Dreamland](https://go.intigriti.com/dream)\n- [Dropbox](https://hackerone.com/dropbox)\n- [Dropbox Acquisitions](https://hackerone.com/dropbox-acquisitions)\n- [Drupal](https://www.drupal.org/node/101494)\n- [eBay](http://pages.ebay.com/securitycenter/Researchers.html)\n- [Eclipse](mailto:security@eclipse.org)\n- [eHealth Hub VZN KUL](https://go.intigriti.com/ehealthhubvznkul)\n- [EMC](mailto:security_alert@emc.com)\n- [Enano](mailto:security@enanocms.org)\n- [Engine Yard](mailto:security@engineyard.com)\n- [Envoy](https://hackerone.com/envoy)\n- [Eobot](https://cobalt.io/eobot)\n- [EthnoHub](mailto:security@ethnohub.com)\n- [Etsy](https://www.etsy.com/bounty)\n- [EVE](mailto:security@ccpgames.com)\n- [Event Espresso](http://eventespresso.com/report-a-security-vulnerability)\n- [Everitoken](https://hackenproof.com/everitoken/everitoken-blockchain)\n- [Evernote](mailto:security@evernote.com)\n- [EURid](https://go.intigriti.com/eurid)\n- [Expatistan](mailto:gerardo@expatistan.com)\n- [ExpressionEngine](https://hackerone.com/expressionengine)\n- [Ezbob](https://cobalt.io/ezbob)\n- [Facebook](https://www.facebook.com/whitehat)\n- [Faceless](https://hackerone.com/faceless)\n- [Factlink](https://hackerone.com/factlink)\n- [FanFootage](https://hackerone.com/fanfootage)\n- [FastSlots](https://cobalt.io/fastslots)\n- [Flash](https://hackerone.com/flash)\n- [Flood](mailto:support@flood.io)\n- [Flow Dock](mailto:security@flowdock.com)\n- [Flox](https://hackerone.com/flox)\n- [Fluxiom](mailto:security@fluxiom.com)\n- [Fog Creek](http://www.fogcreek.com/contact)\n- [FormAssembly](mailto:security@formassembly.com)\n- [Founder Bliss](https://cobalt.io/founder-bliss)\n- [Foursquare](mailto:security@foursquare.com)\n- [Freelancer](mailto:security-reporting@freelancer.com)\n- [Gallery](mailto:security@galleryproject.org)\n- [Gamma](mailto:security-alert@intergamma.nl)\n- [Gemfury](mailto:security@gemfury.com)\n- [General Motors](https://hackerone.com/gm)\n- [GhostMail](https://hackerone.com/gmguys)\n- [GitHub](https://bounty.github.com/submit-a-vulnerability.html)\n- [GitLab](https://hackerone.com/gitlab)\n- [GlassWire](https://hackerone.com/glasswire)\n- [Gliph](mailto:security@gli.ph)\n- [GlobaLeaks](https://hackerone.com/globaleaks)\n- [Google PRP](mailto:security-patches@google.com)\n- [Google VRP](https://www.google.com/about/appsecurity/reward-program/index.html)\n- [Grammarly](https://hackerone.com/grammarly)\n- [Gratipay](https://hackerone.com/gratipay)\n- [GreenAddress](https://cobalt.io/greenaddress)\n- [Greenhouse.io](https://hackerone.com/greenhouse)\n- [Grok Learning](mailto:security@groklearning.com)\n- [HackenProof](https://hackenproof.com/hacken/hackenproof)\n- [HackerOne](https://hackerone.com/security)\n- [Harmony](mailto:security@collectiveidea.com)\n- [Heroku](https://bugcrowd.com/heroku)\n- [Hex-Rays](mailto:bugbounty@hex-rays.com)\n- [Hive Wallet](https://cobalt.io/hive-wallet)\n- [Hootsuite](mailto:security@hootsuite.com)\n- [HTC](mailto:security@htc.com)\n- [Huawei](mailto:psirt@huawei.com)\n- [Hubdia](https://hackerone.com/hubdia)\n- [Humble Bundle](https://bugcrowd.com/humblebundle)\n- [IAM KU Leuven](https://go.intigriti.com/kuleuvenlogin)\n- [Ian Dunn](https://hackerone.com/iandunn-projects)\n- [IBM](https://www.ibm.com/scripts/contact/contact/us/en/security_vulnerabilities)\n- [ICEcoder](https://bugcrowd.com/icecoder)\n- [Iconfinder](mailto:support@iconfinder.com)\n- [Ifixit](mailto:security@ifixit.com)\n- [Imgur](https://hackerone.com/imgur)\n- [ImpressPages](https://cobalt.io/impresspages)\n- [Indeed](https://bugcrowd.com/indeed)\n- [Independent Reserve](https://cobalt.io/independent-reserve)\n- [Informatica](https://hackerone.com/informatica)\n- [IntegraXor](http://www.integraxor.com/support.html)\n- [Internetwache](mailto:security@internetwache.org)\n- [InVision](https://hackerone.com/invision)\n- [IRCCloud](https://hackerone.com/irccloud)\n- [itBit Exchange](https://hackerone.com/itbit)\n- [ITRP](mailto:security@itrp.com)\n- [itsme](https://go.intigriti.com/itsme)\n- [joola.io](https://hackerone.com/joola-io)\n- [Joomla](http://vel.joomla.org/submit-vel)\n- [JRuby](mailto:security@jruby.org)\n- [jsDelivr](https://hackerone.com/jsdelivr)\n- [Juniper](mailto:sirt@juniper.net)\n- [Kadira](https://hackerone.com/kadira)\n- [Kaneva](mailto:security@kaneva.com)\n- [Kayako](http://my.kayako.com/Tickets/Submit)\n- [Kenna](https://bugcrowd.com/riskio)\n- [Keybase](https://hackerone.com/keybase)\n- [Khan Academy](https://hackerone.com/khanacademy)\n- [SKB Kontur](https://kontur.ru/.well-known/security.txt)\n- [Kraken](mailto:bugbounty@kraken.com)\n- [Kinepolis](https://go.intigriti.com/kinepolis)\n- [Kuna](https://hackenproof.com/kuna/kuna-crypto-exchange)\n- [Lancor Income](https://cobalt.io/lancor-income)\n- [LastPass](mailto:security@lastpass.com)\n- [LaunchKey](mailto:security@launchkey.com)\n- [Lean Testing](https://hackerone.com/leantesting)\n- [Librato](mailto:security@librato.com)\n- [LibSass](https://hackerone.com/libsass)\n- [Liferay](mailto:security@liferay.com)\n- [Line](https://bugbounty.linecorp.com/en/)\n- [LinkedIn](mailto:security@linkedin.com)\n- [LiveEnsure](http://www.liveensure.com/contact.php)\n- [LocalBitcoins](https://cobalt.io/localbitcoins)\n- [Localize](https://hackerone.com/localize)\n- [Logentries](mailto:security@logentries.com)\n- [Lookout](mailto:security@lookout.com)\n- [Magento](mailto:security@magento.com)\n- [MAGIX](mailto:security@magix.net)\n- [Mahara](mailto:security@mahara.org)\n- [MaiCoin](https://cobalt.io/maicoin)\n- [Mail.Ru](https://hackerone.com/mailru)\n- [Mailbird](https://cobalt.io/mailbird)\n- [MailChimp](http://mailchimp.com/about/security-response/)\n- [ManageBGL](https://cobalt.io/managebgl)\n- [ManageWP](mailto:security@managewp.com)\n- [MapLogin](https://hackerone.com/maplogin)\n- [Marietje Schaake](https://go.intigriti.com/marietjeschaake)\n- [Marktplatts](https://hackerone.com/marktplaats)\n- [Mavenlink](https://hackerone.com/mavenlink)\n- [Maximum](https://hackerone.com/maximum)\n- [MCProHosting](https://bugcrowd.com/mcprohostings)\n- [MEGA](mailto:bugs@mega.co.nz)\n- [Mercury](https://cobalt.io/mercury)\n- [Meteor](https://hackerone.com/meteor)\n- [meXBT](https://cobalt.io/mexbt)\n- [Microsoft](mailto:secure@microsoft.com)\n- [Mimecast](mailto:disclosure@mimecast.com)\n- [Mobile Vikings](https://go.intigriti.com/mobilevikings)\n- [Mobile Vikings](https://hackerone.com/mobilevikings)\n- [Modus CSR](mailto:security@moduscsr.com)\n- [MoneyBird](mailto:security@moneybird.com)\n- [MoneyStream](https://hackerone.com/moneystream)\n- [Moodle](mailto:security@moodle.org)\n- [Motorola Solutions](mailto:security@motorolasolutions.com)\n- [Mozilla](https://www.mozilla.org/en-US/security/bug-bounty/)\n- [mynxt.info](https://cobalt.io/mynxt-info)\n- [NCSC](mailto:cert@ncsc.nl)\n- [Nearby Live](https://hackerone.com/nearby)\n- [Nest](mailto:security@nest.com)\n- [Netflix](mailto:security-report@netflix.com)\n- [Neverdie Smart Contract](https://hackenproof.com/neverdie/neverdie-smart-contract)\n- [Neverdie Web](https://hackenproof.com/neverdie/neverdie-web)\n- [Nexmo](https://cobalt.io/nexmo)\n- [Nexuzhealth](https://go.intigriti.com/nexushealth)\n- [Nexuzhealth Web PACS](https://go.intigriti.com/nexuzhealthwebpacs)\n- [Nginx](https://hackerone.com/ibb-nginx)\n- [Nitrous](mailto:security@nitrous.io)\n- [Nokia Networks](mailto:security-alert@nokia.com)\n- [NoPass](https://cobalt.io/nopass)\n- [NZRS](mailto:security@nzrs.net.nz)\n- [Offensive Security](mailto:security@offensive-security.com)\n- [ok.ru](https://hackerone.com/ok)\n- [OKCoin](https://cobalt.io/okcoin)\n- [OkCupid](https://hackerone.com/okcupid)\n- [Olark](mailto:security@olark.com)\n- [OneSpan Mobile](https://go.intigriti.com/vascomobileproducts)\n- [OneSpan Server Products](https://go.intigriti.com/vascoserver-sideproducts)\n- [Opal Cryptocurrency](https://cobalt.io/opal-cryptocurrency)\n- [Openfolio](https://hackerone.com/openfolio)\n- [OpenSSL](https://hackerone.com/ibb-openssl)\n- [OpenStack](https://security.openstack.org/#how-to-report-security-issues-to-openstack)\n- [OpenText](mailto:otst@opentext.com)\n- [Opera](https://bugs.opera.com/wizarddesktop)\n- [Optimizely](https://cobalt.io/optimizely)\n- [Oracle](mailto:secalert_us@oracle.com)\n- [ownCloud](https://hackerone.com/owncloud)\n- [PagerDuty](mailto:security@pagerduty.com)\n- [Panasonic Avionics](https://hackerone.com/panasonic-aero)\n- [Pantheon](https://bugcrowd.com/pantheon)\n- [Panzura](mailto:security@panzura.com)\n- [Paragon Initiative Enterprises](https://hackerone.com/paragonie)\n- [Paychoice](mailto:security@paychoice.com.au)\n- [PayMill](mailto:security@paymill.com)\n- [PayPal](mailto:https://www.paypal.com/bugbounty/register)\n- [Paytm](https://bugbounty.paytm.com)\n- [Perl](https://hackerone.com/ibb-perl)\n- [Phabricator](https://hackerone.com/phabricator)\n- [PHP](https://bugs.php.net/report.php)\n- [Pidgin](mailto:security@pidgin.im)\n- [PikaPay](mailto:security@pikapay.com)\n- [PinoyHackNews](mailto:admin@pinoyhacknews.com)\n- [Pinterest](https://bugcrowd.com/pinterest)\n- [Piwik Open Source Analytics](https://cobalt.io/piwik-open-source-analytics)\n- [Plone](mailto:security@plone.org)\n- [Pocket](mailto:security@getpocket.com)\n- [Poloniex](https://cobalt.io/poloniex)\n- [Postmark](https://wildbit.wufoo.com/forms/wildbit-security-response)\n- [Prezi](mailto:security-bug-bounty@prezi.com)\n- [Projectplace](https://hackerone.com/projectplace)\n- [PullReview](mailto:security@pullreview.com)\n- [Puppet labs](mailto:security@puppetlabs.com)\n- [PureVPN](https://bugcrowd.com/purevpn)\n- [Python](mailto:security@python.org)\n- [QIWI](https://hackerone.com/qiwi)\n- [Quadriga CX](https://cobalt.io/quadriga-cx)\n- [QuickBT](https://cobalt.io/quickbt)\n- [Quora](https://hackerone.com/quora)\n- [Rackspace](mailto:security@rackspace.com)\n- [Rdbhost_service](https://cobalt.io/rdbhost-service)\n- [Red Hat](mailto:site-security@redhat.com)\n- [Reddit](mailto:security@reddit.com)\n- [Relaso](mailto:security@relaso.com)\n- [RelateIQ](mailto:security@relateiq.com)\n- [Release Wire](http://www.releasewire.com/about/contact)\n- [Respondly](https://hackerone.com/respondly)\n- [Revive Adserver](https://hackerone.com/revive_adserver)\n- [Ribose](https://www.ribose.com/feedbacks/security)\n- [Ripio](https://cobalt.io/ripio)\n- [Ripple](mailto:bugs@ripple.com)\n- [Riskalyze](mailto:security@riskalyze.com)\n- [Romit](https://hackerone.com/romit)\n- [Ruby](mailto:security@ruby-lang.org)\n- [Ruby on Rails](https://hackerone.com/rails)\n- [Salesforce](mailto:security@salesforce.com)\n- [Samsung TV](https://samsungtvbounty.com/ReportBug.aspx)\n- [Sandbox Escape](https://hackerone.com/sandbox)\n- [SAP](mailto:secure@sap.com)\n- [Schuberg Philis](mailto:abuse@schubergphilis.com)\n- [Scorpion Software](mailto:security@scorpionsoft.com)\n- [Secret](https://hackerone.com/secret)\n- [Secure Works](mailto:security@secureworks.com)\n- [Sellfy](http://docs.sellfy.com/contact)\n- [Sentiance](https://go.intigriti.com/sentiance)\n- [ServiceRocket](https://bugcrowd.com/servicerocket)\n- [ShareLaTeX](mailto:team@sharelatex.com)\n- [Sherpany](https://cobalt.io/sherpany)\n- [Shopify](https://hackerone.com/shopify)\n- [Sifter](mailto:security@sifterapp.com?subject=%27Security%20Vulnerability%20Report%27)\n- [Silent Circle](https://bugcrowd.com/silentcircle)\n- [Simple](https://bugcrowd.com/simple)\n- [SiteGround](mailto:responsible-disclosure@siteground.com)\n- [Skoodat](mailto:security@skoodat.com)\n- [Skrill](https://cobalt.io/skrill)\n- [Skyscanner](https://bugcrowd.com/skyscanner)\n- [Slack](https://hackerone.com/slack)\n- [Snapchat](https://hackerone.com/snapchat)\n- [Snappy](mailto:security@userscape.com)\n- [Sonatype](mailto:security@sonatype.com)\n- [Sony](https://secure.sony.net/form)\n- [SoundCloud](https://scsecurity.freshdesk.com/support/tickets/new)\n- [Spaargids](https://go.intigriti.com/spaargids)\n- [SpectroCoin](https://cobalt.io/spectrocoin)\n- [Spendbitcoins](https://cobalt.io/spendbitcoins)\n- [SplashID](https://bugcrowd.com/splashid)\n- [Splitwise](mailto:security@splitwise.com)\n- [Spotify](mailto:security@spotify.com)\n- [Sprout Social](mailto:security@sproutsocial.com)\n- [Square](https://hackerone.com/square)\n- [Square Open Source](https://hackerone.com/square-open-source)\n- [StatusPage](https://bugcrowd.com/sunrise)\n- [StopTheHacker](https://hackerone.com/stopthehacker)\n- [Student Assessment System](https://go.intigriti.com/printscan)\n- [Studio 100](https://go.intigriti.com/studio100)\n- [Subledger](https://cobalt.io/subledger)\n- [Subrosa](https://cobalt.io/subrosa)\n- [Sucuri](https://hackerone.com/sucuri)\n- [Suivo](https://go.intigriti.com/suivoweb)\n- [Symantec](mailto:secure@symantec.com)\n- [Taptalk](https://hackerone.com/taptalk)\n- [Tarsnap](mailto:cperciva@tarsnap.com)\n- [TeamUnify](mailto:security@teamunify.com)\n- [Tele2](mailto:beveiligingsmeldpunt@tele2.com)\n- [Telekom](mailto:cert@telekom.de?subject=bug_bounty)\n- [Telenet](https://go.intigriti.com/telenet)\n- [Test-Aankoop](https://go.intigriti.com/testaankoop)\n- [The Internet](https://hackerone.com/internet)\n- [The Mastercoin Foundation](https://cobalt.io/the-mastercoin-foundation)\n- [ThisData](https://hackerone.com/thisdata)\n- [TimeTrex](https://cobalt.io/timetrex)\n- [ToyTalk](https://hackerone.com/toytalk)\n- [Trello](https://hackerone.com/trello)\n- [Tuenti](http://corporate.tuenti.com/en/contact/security)\n- [Tweakers](https://go.intigriti.com/tweakers)\n- [Twilio](https://bugcrowd.com/twilio)\n- [Twitch](mailto:security@twitch.tv)\n- [Twitter](https://hackerone.com/twitter)\n- [Uber](mailto:security-abuse@uber.com)\n- [Ubiquiti Networks](https://hackerone.com/ubnt)\n- [Unitag](mailto:security@unitag.io)\n- [Urban Dictionary](https://hackerone.com/urbandictionary)\n- [Uzbey](https://hackerone.com/uzbey)\n- [Valve Software](mailto:security@valvesoftware.com)\n- [VeChainThor](https://hackenproof.com/vechain/vechainthor)\n- [VeChainThor Wallet](https://hackenproof.com/vechain/vechainthor-wallet)\n- [VCE](mailto:security-alerts@vce.com)\n- [Venmo](mailto:security@venmo.com)\n- [Version Cake](https://hackerone.com/versioncake)\n- [Viadeo](mailto:security@viadeo.com)\n- [Vimeo](https://hackerone.com/vimeo)\n- [VK.com](https://hackerone.com/vkcom)\n- [Volusion](https://bugcrowd.com/volusion)\n- [VPNSox](https://cobalt.io/vpnsox)\n- [vulners.com](https://hackerone.com/vulnerscom)\n- [Vultr](https://www.vultr.com/bug-bounty/)\n- [Webconverger](mailto:security@webconverger.com)\n- [Websecurify](http://campaigns.websecurify.com/money-for-bugs/#contact)\n- [Weebly](https://cobalt.io/weebly)\n- [WePay](https://hackerone.com/wepay)\n- [Whisper](https://hackerone.com/whisper)\n- [WHMCS](https://bugcrowd.com/whmcs)\n- [Windthorst ISD](http://www.windthorstisd.net/BugReport.cfm)\n- [withinsecurity](https://hackerone.com/withinsecurity)\n- [WizeHive](mailto:security@wizehive.com)\n- [Woorank](https://go.intigriti.com/woorank)\n- [WordPoints](https://hackerone.com/wordpoints)\n- [Wordware](https://cobalt.io/wordware)\n- [WP API](https://hackerone.com/wp-api)\n- [Xen Project](mailto:security@xenproject.org)\n- [Xmarks](mailto:security@lastpass.com)\n- [Yahoo](https://hackerone.com/yahoo)\n- [Yandex](https://yandex.com/bugbounty/report)\n- [Yanomo](mailto:support@yanomo.com)\n- [Yesware](mailto:security@yesware.com)\n- [Zapier](mailto:security@zapier.com)\n- [Zaption](https://hackerone.com/zaption)\n- [ZenCash](mailto:security@zencash.com)\n- [Zendesk](https://hackerone.com/zendesk)\n- [Zetetic](mailto:support@zetetic.net)\n- [Ziggo](mailto:security@ziggo.nl)\n- [Zimbra](mailto:security@zimbra.com)\n- [Zoho](https://bugbounty.zoho.com/bb/info) \n- [Zomato](https://hackerone.com/zomato)\n- [Zopim](https://hackerone.com/zopim)\n- [Zynga](mailto:whitehat@zynga.com)\n\n## Aggregators\n\n- [BountyHQ](https://bountyhq.secapps.com/)\n\n## License\n\n[![CC0](http://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](https://creativecommons.org/publicdomain/zero/1.0/)\n\nTo the extent possible under law, [Dheeraj Joshi](https://github.com/djadmin) has waived all copyright and related or neighboring rights to this work.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdjadmin%2Fawesome-bug-bounty","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdjadmin%2Fawesome-bug-bounty","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdjadmin%2Fawesome-bug-bounty/lists"}