Skip to content
/ BB-datas Public
forked from gwen001/BB-datas

Tools and datas related to bug bounty programs.

1 star 68 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

nightwatchcyber/BB-datas

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

58 Commits
hackerone
hackerone
 
 
images
images
 
 
README.md
README.md
 
 

Repository files navigation

Last update: 2018-12-06


hackerone

Link: https://hackerone.com/
Country: US
Registration: public
Researchers: ?
Programs: 1200+
Visibility: public, private
Public disclosure: yes
Reputation: based on reports status and rewards
Additional metrics: signal, impact, badges
Payout methods: Paypal, Coinbase, bank transfer

Bugcrowd

Link: https://www.bugcrowd.com/
Country: US
Registration: public
Researchers: ?
Programs: ?
Visibility: public, private
Public disclosure: no
Reputation (kudos): based on reports criticity
Additional metrics: accuracy
Payout methods: Paypal, Payoneer


Yes We Hack (previously Bounty Factory)

Link: https://www.yeswehack.com/en/
Country: France
Registration: public
Researchers: ~750
Programs: ?
Visibility: public, private
Public disclosure: no
Reputation: based on reports status, rewards and reports quality
Additional metrics: no
Payout methods: bank transfer


Yogosha

Link: https://www.yogosha.com/
Country: France
Registration: test required
Researchers: ~150
Programs: ?
Visibility: public, private
Public disclosure: no
Reputation: ?
Additional metrics: reports quality
Payout methods: bank transfer


HackenProof

Link: https://hackenproof.com/
Country: Estonia
Registration: public
Researchers: ~1000
Programs: ?
Visibility: public, private, vetted
Public disclosure: yes
Reputation: reports status and reports severity
Additional metrics: -
Payout methods: HKN (Hacken crypto currency)


cobalt

Link: https://cobalt.io/
Country: US
Registration: invitation required
Researchers: ?
Programs: ?
Visibility: invite only
Public disclosure: no
Reputation: none
Additional metrics: no
Payout methods: Paypal, Bitcoin


Synack Red Team

Link: https://www.synack.com/red-team/
Country: US
Registration: tutorial, video interview, technical assessments, background check, ID verification
Researchers: ~3000
Programs: ?
Visibility: private
Public disclosure: no
Reputation: reports quality, rewards, target hardening
Additional metrics: ?
Payout methods: Paypal


Intigriti

Link: https://www.intigriti.com/
Country: Belgium
Registration: public
Researchers: ?
Programs: ?
Visibility: public, confidential, private, vetted
Public disclosure: no
Reputation: based on reports criticity
Additional metrics: quality score
Payout methods: bank transfer


Zerocopter

Link: https://www.zerocopter.com/
Country: Netherlands
Registration: disabled
Researchers: ?
Programs: ?
Visibility: private, vetted
Public disclosure: no
Reputation: no
Additional metrics: no
Payout methods: Paypal, Bitcoin, bank transfer
Extra info: Rewards fixed by the platform (https://www.zerocopter.com/en/vulnerability-price-list)


Detectify

Link: https://cs.detectify.com/
Country: Sweden
Registration: invite only
Researchers: 150+
Programs: N/A
Visibility: private
Public disclosure: no
Reputation: vulnerability severity and popularity
Additional metrics: ?
Payout methods: payment handled through Bugcrowd
Extra infos: Vulnerabilities are submitted to Detectify continuously, implemented into Detectify scanners and researchers are rewarded as their vulnerabilities are found in Detectify customer's scans, a unique model which separates Detectify Crowdsource from other platforms. Detectify does not work with programs in that sense, but instead focus Detectify researchers' attention towards technology types used by a range of companies.

AntiHack.me

Link: https://www.antihack.me/
Country: Singapore
Registration: public
Researchers: ?
Programs: ?
Visibility: public, private
Public disclosure: no
Reputation: based reports status and rewards
Additional metrics: hit rate, impact
Payout methods: Paypal


BugBounty.jp

Link: https://bugbounty.jp/
Country: Japan
Registration: public
Researchers: ~1500
Programs: ?
Visibility: public, private
Public disclosure: no
Reputation: based on reports status and rewards
Additional metrics: -
Payout methods: Paypal, bank transfer (Japan)


CESPPA

Link: https://www.cesppa.com/
Country: US
Registration: public
Researchers: ?
Programs: ?
Visibility: public, private, exclusive
Public disclosure: no
Reputation: work in progress
Additional metrics: no
Payout methods: Paypal, cryptocurrency (BTC, LTC, ETH)
Extra infos: Triage team can be reached on Bug Bounty World slack at #cesppa

SafeHats

Link: https://safehats.com/
Country: India
Registration: public
Researchers: ?
Programs: ?
Visibility: private
Public disclosure: ?
Reputation (karma score): reports status and rewards
Additional metrics: relevancy score, bounty score
Payout methods: Paypal, Bitcoin


Federacy

Link: https://www.federacy.com/
Country: US
Registration: public
Researchers: ~20
Programs: ~20
Visibility: public, private
Public disclosure: no
Reputation: work in progress
Additional metrics: no
Payout methods: Paypal, Venmo, Bitcoin, Ethereum, Stripe on the way
Extra infos: Currently in a closed beta. If you signed up without an invitation code, there is a hard limit set on your account allowing only 3 reports to be submitted per week.

Hacktrophy

Link: https://hacktrophy.com/en/
Country: Slovak Republic
Registration: public
Researchers: 600+
Programs: ?
Visibility: public, private
Public disclosure: yes
Reputation: no
Additional metrics: no
Payout methods: Paypal, Bitcoin, bank transfer
Extra infos: Programs set reward limit by month/year.

Hackrfi

Link: https://hackr.fi/en/
Country: Finland
Registration: public
Researchers: ?
Programs: ?
Visibility: ?
Public disclosure: ?
Reputation: ?
Additional metrics: ?
Payout methods: Paypal, bank transfer (Finland)


Open Bug Bounty

Link: https://www.openbugbounty.org/
Country: ?
Registration: public
Researchers: 7500+
Programs: N/A
Visibility: N/A
Public disclosure: yes
Reputation: ?
Additional metrics: recommendations, badges
Payout methods: up to the company
Extra infos: Open Bug Bounty is a non-profit Bug Bounty platform. The responsible disclosure platform allows independent security researchers to report XSS and similar security vulnerabilities on any website they discover.


BountyGraph

Platform shut down on December 12th, 2018 - see announcement

Link: https://bountygraph.com/
Country: US
Registration: public
Researchers: ?
Programs: ?
Visibility: ?
Public disclosure: ?
Reputation: ?
Additional metrics: ?
Payout methods: Paypal, Stripe

~~ BugsBounty

Link: https://bugsbounty.io/
Country: India
Registration: currently running internally
Researchers: ?
Programs: ?
Visibility: ?
Public disclosure: ?
Reputation: ?
Additional metrics: ?
Payout methods: ?


Cyber Army

Link: https://www.cyberarmy.id/
Country: Indonesia
Registration: public
Researchers: ~20
Programs: ~10
Visibility: ?
Public disclosure: no
Reputation: ?
Additional metrics: ?
Payout methods: ?


BugBountyZone

Link: https://www.bugbountyzone.com/
Country: France
Registration: good luck
Researchers: ?
Programs: ?
Visibility: ?
Public disclosure: ?
Reputation: ?
Additional metrics: ?
Payout methods: ?


0 day platforms:


Zero Day Initiative

Link: https://www.zerodayinitiative.com/
Country: US
Registration: public
Researchers: N/A
Programs: N/A
Visibility: N/A
Public disclosure: no
Reputation: ?
Additional metrics: ?
Payout methods: wire transfer
Extra infos: Trend Micro’s Zero Day Initiative (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.

About

Tools and datas related to bug bounty programs.

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • PHP 100.0%