Search results
Open Bug Bounty is a platform for coordinated, responsible and ISO 29147 compatible vulnerability disclosure. It offers free bug bounty programs for website owners and security researchers, and tracks the latest coordinated disclosures and awards.
- Open Bug Bounty
Open Bug Bounty named among the Top 5 Bug Bounty programs of...
- Report a Vulnerability
Submit, help fixing, get kudos. Run your bounty program for...
- Search
Search - Free Bug Bounty Program and Coordinated...
- About The Project
Open Bug Bounty project enables website owners to receive...
- Forum
Forum - Free Bug Bounty Program and Coordinated...
- Contacts
Open Bug Bounty mentioned in the Top 6 Bug Bounty programs...
- Blog
Open Bug Bounty Blog. Unmasking the Power of Cross-Site...
- API Request
API for CERTs and LEAs. To promote coordinated and...
- Open Bug Bounty
- Project History
- Coordinated and Responsible Disclosure, ISO 29147
- Safe and Non-Intrusive Testing
- Submission and Verification Process
- Open Bug Bounty: Public and Private Submissions
- Bounties and Awards
- Good Faith and Ethics
- Available Integration
- GeneratedCaptionsTabForHeroSec
Started by a group of independent security researchers in June 2014, Open Bug Bounty is a non-profit platform designed to connect security researchers and website owners in a transparent, respectful and mutually valuable manner. Our purpose is to make the Web a safer place for everyone’s benefit. We have no financial or commercial interest in the p...
Open Bug Bounty’s coordinated vulnerability disclosure platform allows any security researcher reporting a vulnerability on any website as long as the vulnerability is discovered without any intrusive testing techniques and is submitted following responsible disclosure guidelines. The role of Open Bug Bounty is limited to independent verification o...
We only accept Cross-Site Scripting, CSRFand some other vulnerabilities that figure among the most common web application vulnerabilities today. When reporting GDPR PII exposure, we do not store the PII but the blurred screenshot after verifying the vulnerability. The proper process of testing for these vulnerabilities is harmless and cannot damage...
Once a vulnerability is reported and confirmed, we immediately send a security alert to the website owner following ISO 29147 guidelines, as well as to specific security contacts provided by the researcher. We strongly encourage security researchers to ensure reliable notification of the website owner for every submission. Security researchers can ...
Security researcher can choose how to report vulnerabilities. Website owners with bug bounties on Open Bug Bountycan limit submissions only to private ones: 1. Public Submission Once verified, we send notifications, without disclosing any technical details of the vulnerability, to: A public web page dedicated to the vulnerability will be automatica...
A website owner can express a gratitude to a researcher for reporting vulnerability in a way s/he considers the most appropriate and proportional to the researcher's efforts and help. As a matter of example, Google pays from $7,500 to $100per XSS vulnerability submitted by security researchers. But Google is Google, you may adjust your remuneration...
We have a zero tolerance policy for any unethical or unlawful activities. We always encourage the researchers to be respectful, responsive and polite, to provide website owners with all reasonable help and assistance. If a researcher violates the enacted standards of ethics and good faith including but not limited to: 1. demanding remuneration to d...
For website owners, we provide vulnerability data export option to the following SDLC, DevOps and bug tracking systems:
Open Bug Bounty connects security researchers and website owners for coordinated and responsible disclosure of web vulnerabilities. Learn about the project history, submission process, bounties and awards, and available integration.
Open Bug Bounty is a platform for security researchers and website owners to coordinate and disclose vulnerabilities responsibly. You can report a vulnerability in any website or start a bug bounty program for free and get kudos.
OpenBugBounty.org is a platform for security researchers and website owners to collaborate on finding and fixing XSS vulnerabilities. Learn how to register, submit, and start a bug bounty program for free.
3 days ago · Open Bug Bounty is a platform for reporting and fixing vulnerabilities on websites. See the latest submissions and disclosures by researchers and website owners via coordinated disclosure.
Open Bug Bounty is a platform that connects researchers and website owners for ethical hacking. Learn how to report and get paid for vulnerabilities, how to host a bug bounty program, and how to get help from the community.
People also ask
How to start bug bounty program for free?
How to report a vulnerability via Open Bug Bounty?
Is open bug bounty a good program?
What happens if I run a bug bounty on Open Bug Bounty?
Open Bug Bounty is a non-profit bug bounty platform established in 2014. The coordinated vulnerability disclosure platform allows independent security researchers to report XSS and similar security vulnerabilities on any website they discover using non-intrusive security testing techniques. [1] The researchers may choose to make the details of ...
