https://github.com/disclose/bug-bounty-platforms
A community-powered collection of all known bug bounty platforms, vulnerability disclosure platforms, and crowdsourced security platforms currently active on the Internet.
https://github.com/disclose/bug-bounty-platforms
Last synced: 23 days ago
JSON representation
A community-powered collection of all known bug bounty platforms, vulnerability disclosure platforms, and crowdsourced security platforms currently active on the Internet.
- Host: GitHub
- URL: https://github.com/disclose/bug-bounty-platforms
- Owner: disclose
- License: cc0-1.0
- Created: 2021-07-24T15:40:25.000Z (almost 4 years ago)
- Default Branch: main
- Last Pushed: 2025-04-10T14:41:38.000Z (28 days ago)
- Last Synced: 2025-04-10T15:59:37.262Z (28 days ago)
- Homepage: https://platforms.disclose.io
- Size: 111 KB
- Stars: 697
- Watchers: 23
- Forks: 156
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - disclose/bug-bounty-platforms - A community-powered collection of all known bug bounty platforms, vulnerability disclosure platforms, and crowdsourced security platforms currently active on the Internet. (Others)
README
# Open-Sourced Collection of Bug Bounty Platforms
An ongoing community-powered collection of all known bug bounty platforms, vulnerability disclosure platforms, and crowdsourced security platforms currently active on the Internet.
Is there a platform or detail missing, or have you spotted something wrong? This site is open source. [Improve this page](https://github.com/disclose/bug-bounty-platforms/edit/main/README.md)!
| Name | Website | Active | Location | Twitter | Private/Public | Bounties | Hall of Fame | Program List |
|-------------------------|-----------------------------------------------------|--------|---------------------------|---------------------------------------------------------------|------------------|----------|-------------------------------------------------------------------|----------------------------------------------------------------------|
| Bug Bounty Switzerland | [https://bugbounty.ch](https://bugbounty.ch) | Yes | Switzerland | [@bugbounty_ch](https://x.com/bugbounty_ch) | Private + Public | Yes | | |
| Bug Hunt | [https://bughunt.com.br](https://bughunt.com.br) | Yes | Brazil | | Private + Public | Yes | [https://bughunt.com.br/ranking-bughunters.html](https://bughunt.com.br/ranking-bughunters.html) | |
| Bugbase | [https://bugbase.ai](https://bugbase.ai) | Yes | India | [@bugbase](https://x.com/bugbase) | Private + Public | Yes | [https://bugbase.in/dashboard/leaderboard](https://bugbase.in/dashboard/leaderboard) | [https://bugbase.ai/programs](https://bugbase.ai/programs) |
| BugBounter | [https://bugbounter.com](https://bugbounter.com) | Yes | US & Estonia & Turkey | [@bugbounterr](https://x.com/bugbounterr) | Private + Public | Yes | [https://app.bugbounter.com/public-top-bounters](https://app.bugbounter.com/public-top-bounters) | |
| bugbounty.sa | [https://bugbounty.sa](https://bugbounty.sa) | Yes | Saudi Arabia | [@BugBountySA](https://x.com/BugBountySA) | Private | Yes | [https://bugbounty.sa/leaderboard](https://bugbounty.sa/leaderboard) | |
| Bugcrowd | [https://bugcrowd.com](https://bugcrowd.com) | Yes | USA | [@bugcrowd](https://x.com/bugcrowd) | Private + Public | Yes | [https://bugcrowd.com/leaderboard](https://bugcrowd.com/leaderboard) | [https://bugcrowd.com/programs](https://bugcrowd.com/programs) |
| BugRap | [https://bugrap.io](https://bugrap.io) | Yes | | [@BugRap_Team](https://x.com/BugRap_Team) | Public | Yes | [https://bugrap.io/whiteHats](https://bugrap.io/whiteHats) | [https://bugrap.io/bounties](https://bugrap.io/bounties) |
| bugsbounty.io | [https://bugsbounty.io](https://bugsbounty.io) | No | England | [@bugsbounty_com](https://x.com/bugsbounty_com) | Private | | | |
| Bugv | [https://bugv.io/](https://bugv.io/) | Yes | Nepal | [@bugvsecurity](https://x.com/bugvsecurity) | Public | Yes | | |
| Capture The Bug | [https://capturethebug.xyz](https://capturethebug.xyz) | Yes | New Zealand | [@Capturethebugs](https://x.com/Capturethebugs) | Private | | | |
| Inspectiv | [https://cesppa.com](https://cesppa.com) | Yes | USA | [@inspectiv](https://x.com/inspectiv) | Private + Public | Yes | | |
| Cobalt | [https://cobalt.io](https://cobalt.io) | Yes | USA | [@cobalt_io](https://x.com/cobalt_io) | Private | Yes | [https://app.cobalt.io/pentesters](https://app.cobalt.io/pentesters) | |
| Code4rena | [https://code4rena.com](https://code4rena.com) | Yes | | [@code4rena](https://x.com/code4rena) | Public | Yes | [https://code4rena.com/leaderboard](https://code4rena.com/leaderboard) | [https://code4rena.com/contests](https://code4rena.com/contests) |
| Com Olho | [https://comolho.com](https://comolho.com) | Yes | India | [@com_olho](https://x.com/com_olho) | Private + Public | Yes | [https://cyber.comolho.com/researcher-community/](https://cyber.comolho.com/researcher-community/) | [https://cyber.comolho.com/programs/bug-bounty/](https://cyber.comolho.com/programs/bug-bounty/) |
| Compass Security | [https://compass-security.com](https://compass-security.com) | Yes | Switzerland | [@compasssecurity](https://x.com/compasssecurity) | Private + Public | Yes | | [https://bugbounty.compass-security.com/](https://bugbounty.compass-security.com/) |
| Crowdswarm | [https://crowdswarm.io](https://crowdswarm.io) | Yes | United Arab Emirates | [@Crowdswarm1](https://x.com/Crowdswarm1) | Private + Public | Yes | | [https://app.crowdswarm.io/p.html](https://app.crowdswarm.io/p.html) |
| Cyber Army Indonesia | [https://cyberarmy.id](https://cyberarmy.id) | Yes | Indonesia | [@cyberarmyid](https://x.com/cyberarmyid) | Private + Public | Yes | [https://cyberarmy.id/leaderboard](https://cyberarmy.id/leaderboard) | [https://cyberarmy.id/programs](https://cyberarmy.id/programs) |
| Cyscope | [https://cyscope.io](https://cyscope.io) | Yes | Switzerland & Latam | [@cy_scope](https://x.com/cy_scope) | Private + Public | Yes | | |
| Detectify | [https://detectify.com](https://detectify.com) | Yes | Sweden | [@detectify](https://x.com/detectify) | Private | Yes | | |
| Dvuln | [https://dvuln.com](https://dvuln.com) | Yes | Australia | [@d_vuln](https://x.com/d_vuln) | Private | Yes | | [https://securityat.me/vdp_directory](https://securityat.me/vdp_directory) |
| EpicBounties | [https://epicbounties.com](https://epicbounties.com) | Yes | Spain and LATAM | [@epicbounties](https://x.com/epicbounties) | Private + Public | Yes | [https://app.epicbounties.com/hunter-ranking](https://app.epicbounties.com/hunter-ranking) | [https://app.epicbounties.com/programs](https://app.epicbounties.com/programs) |
| Federacy | [https://federacy.com](https://federacy.com) | Yes | USA | [@_federacy](https://x.com/_federacy) | Private + Public | Yes | | |
| Findbug | [https://findbug.io](https://findbug.io) | Yes | Kosovo | [@Findbugks](https://x.com/Findbugks) | Private | Yes | | |
| GObugfree | [https://gobugfree.com](https://gobugfree.com) | Yes | Switzerland | [@gobugfree](https://x.com/gobugfree) | Private + Public | Yes | | [https://app.gobugfree.com/programs](https://app.gobugfree.com/programs) |
| HackenProof | [https://hackenproof.com](https://hackenproof.com) | Yes | Estonia | [@HackenProof](https://x.com/HackenProof) | Private + Public | Yes | [https://hackenproof.com/leaderboard](https://hackenproof.com/leaderboard) | [https://hackenproof.com/programs](https://hackenproof.com/programs) |
| HackerOne | [https://hackerone.com](https://hackerone.com) | Yes | USA | [@hacker0x01](https://x.com/hacker0x01) | Private + Public | Yes | [https://hackerone.com/leaderboard](https://hackerone.com/leaderboard) | [https://hackerone.com/directory/programs](https://hackerone.com/directory/programs) |
| Hackrate | [https://hckrt.com](https://hckrt.com) | Yes | Hungary, Europe | [@hackrate](https://x.com/hackrate) | Private + Public | Yes | [https://hckrt.com/Profiles/Leaderboard](https://hckrt.com/Profiles/Leaderboard) | [https://hckrt.com/Programs](https://hckrt.com/Programs) |
| HACKTIFY | [https://hacktify.com](https://hacktify.com) | Yes | Central and Eastern Europe| [@HACKTIFY_](https://x.com/HACKTIFY_) | Private + Public | Yes | [https://hacktify.eu/en/leaderboard/](https://hacktify.eu/en/leaderboard/) | [https://hacktify.eu/en/public-programs/](https://hacktify.eu/en/public-programs/) |
| Hacktrophy | [https://hacktrophy.com](https://hacktrophy.com) | Yes | Slovakia | [@hacktrophy](https://x.com/hacktrophy) | Private | Yes | | |
| Hats | [https://hats.finance](https://hats.finance) | Yes | | [@HatsFinance](https://x.com/HatsFinance) | Public | Yes | | [https://app.hats.finance/vaults](https://app.hats.finance/vaults) |
| Huntr | [https://huntr.dev](https://huntr.dev) | Yes | UK | [@huntrdev](https://x.com/huntrdev) | Private + Public | Yes | [https://huntr.dev/leaderboard](https://huntr.dev/leaderboard) | [https://huntr.dev/bounties/hacktivity](https://huntr.dev/bounties/hacktivity) |
| Immunefi | [https://immunefi.com](https://immunefi.com) | Yes | | [@immunefi](https://x.com/immunefi) | Public | Yes | [https://immunefi.com/leaderboard/](https://immunefi.com/leaderboard/) | [https://immunefi.com/explore/](https://immunefi.com/explore/) |
| Intigriti | [https://intigriti.com](https://intigriti.com) | Yes | Belgium | [@intigriti](https://x.com/intigriti) | Private + Public | Yes | [https://intigriti.com/leaderboard](https://intigriti.com/leaderboard) | [https://intigriti.com/programs](https://intigriti.com/programs) |
| Nordic Defender | [https://nordicdefender.com](https://nordicdefender.com) | Yes | Sweden | [@nordicdefender](https://x.com/nordicdefender) | Private | | | |
| ødin | [https://0din.ai/](https://0din.ai/) | | USA | [@0dinai](https://x.com/0dinai) | | | | [https://0din.ai/scope](https://0din.ai/scope) |
| Open Bug Bounty | [https://openbugbounty.org](https://openbugbounty.org) | Yes | Bangladesh | [@openbugbounty](https://x.com/openbugbounty) | Public | Yes | [https://openbugbounty.org/](https://openbugbounty.org/) | [https://openbugbounty.org/bugbounty-list/](https://openbugbounty.org/bugbounty-list/) |
| Pentabug | [https://pentabug.com](https://pentabug.com) | Yes | India | [@pentabug](https://x.com/pentabug) | Private | Yes | [https://pentabug.com](https://pentabug.com) | |
| Ravro | [https://ravro.ir](https://ravro.ir) | Yes | Iran | [@Ravro_ir](https://x.com/Ravro_ir) | Private + Public | Yes | [https://ravro.ir/reports](https://ravro.ir/reports) | [https://ravro.ir/companies](https://ravro.ir/companies) |
| RedStorm | [https://redstorm.io](https://redstorm.io) | Yes | Indonesia | [@redstorm_io](https://x.com/redstorm_io) | Yes | Yes | | [https://redstorm.io/program](https://redstorm.io/program) |
| Safevuln | [https://SafeVuln.com](https://SafeVuln.com) | Yes | Vietnam | | Public | Yes | [https://safevuln.com/leaderboard](https://safevuln.com/leaderboard) | [https://safevuln.com/programs](https://safevuln.com/programs) |
| ScanTitan | [https://scantitan.com](https://scantitan.com) | Yes | Netherlands | [@scantitan](https://x.com/scantitan) | Private | Yes | | |
| Secuna | [https://secuna.io](https://secuna.io) | Yes | Phillipines | [@SecunaSecurity](https://x.com/SecunaSecurity) | Private | Yes | | |
| Sherlock | [https://sherlock.xyz](https://www.sherlock.xyz) | Yes | | [@sherlockdefi](https://x.com/sherlockdefi) | Public | Yes | [https://app.sherlock.xyz/audits/leaderboard](https://app.sherlock.xyz/audits/leaderboard) | [https://app.sherlock.xyz/audits/contests](https://app.sherlock.xyz/audits/contests) |
| SlowMist | [https://slowmist.com](https://slowmist.com) | Yes | China | [@SlowMist_Team](https://x.com/SlowMist_Team) | Public | Yes | | |
| Swarmnetics | [https://swarmnetics.com](https://swarmnetics.com) | Yes | Singapore | [@swarmnetics](https://x.com/swarmnetics) | Private | Yes | | |
| Synack | [https://synack.com](https://synack.com) | Yes | USA | [@synack](https://x.com/synack) | Private | Yes | | |
| Teklabspace | [https://teklabspace.com](https://teklabspace.com) | Yes | Nigeria | [@teklabspace](https://x.com/teklabspace) | Public | Yes | [https://app.teklabspace.com/leaders-board/](https://app.teklabspace.com/leaders-board/) | [https://app.teklabspace.com/program/](https://app.teklabspace.com/program/) |
| Testbirds | [https://testbirds.com](https://testbirds.com) | Yes | Germany | [@Testbirds](https://x.com/Testbirds) | Private | No | | |
| thebugbounty | [https://thebugbounty.com](https://thebugbounty.com) | Yes | Malaysia | [@thebugbounty](https://x.com/thebugbounty) | Private | Yes | | |
| v1bounty | [https://v1bounty.com](https://v1bounty.com) | Yes | Germany | [@v1bounty](https://x.com/v1bounty) | Public | Yes | | |
| Vulbox | [https://vulbox.com](https://vulbox.com) | Yes | China | | Private + Public | Yes | [https://vulbox.com/top/season](https://vulbox.com/top/season) | [https://vulbox.com/projects/list](https://vulbox.com/projects/list) |
| Vulnerability Lab | [https://vulnerability-lab.com](https://vulnerability-lab.com) | Yes | Germany | | Private + Public | Yes | [https://vulnerability-lab.com/hacktivity.php](https://vulnerability-lab.com/hacktivity.php) | |
| Vulnscope | [https://vulnscope.com](https://vulnscope.com) | Yes | Chile | [@vulnscope](https://x.com/vulnscope) | Private | Yes | [https://vulnscope.com/hacker-ranking](https://vulnscope.com/hacker-ranking) | [https://vulnscope.com/programas](https://vulnscope.com/programas) |
| WhiteHub | [https://whitehub.net](https://whitehub.net) | Yes | Vietnam | [@CyStackSecurity](https://x.com/CyStackSecurity) | Private + Public | Yes | [https://whitehub.net/leaderboard](https://whitehub.net/leaderboard) | [https://whitehub.net/programs](https://whitehub.net/programs) |
| YesWeHack | [https://yeswehack.com](https://yeswehack.com) | Yes | France | [@yeswehack](https://x.com/yeswehack) | Private + Public | Yes | [https://yeswehack.com/ranking](https://yeswehack.com/ranking) | [https://yeswehack.com/programs](https://yeswehack.com/programs) |
| Yogosha | [https://yogosha.com](https://yogosha.com) | Yes | France | [@yogoshaofficial](https://x.com/yogoshaofficial) | Private | Yes | | |
| Zero Day Initiative | [https://zerodayinitiative.com](https://zerodayinitiative.com) | Yes | USA | [@thezdi](https://x.com/thezdi) | Public | Yes | [https://zerodayinitiative.com/advisories/published/](https://zerodayinitiative.com/advisories/published/) | |
| Zerocopter | [https://zerocopter.com](https://zerocopter.com) | Yes | Netherlands | [@zerocopter](https://x.com/zerocopter) | Private | Yes | | |