Based on our record, Open Bug Bounty seems to be more popular. It has been mentiond 3 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
If someone has reported a potential exploit via openbugbounty.org and has contacted you saying you must disclose this issue, how must you go about that to be compliant? Source: almost 2 years ago
Also depending on where you're at (e.g. Which country), it may be perfectly legal for you to test for non-instrusive vulns (I.e. xss/csrf/redirects) legally without permission, as long as you aren't actually weaponizing them.. So I used to test for that stuff against live sites in the wild and then report it via projects like https://openbugbounty.org/ just as a way to get some practice in against live targets. Source: over 2 years ago
I used Open Bug Bounty quite a lot, but to be honest, most of it was just sending e-mails to the affected company. I suppose you could call it cold calling. Source: almost 3 years ago
HackerOne - HackerOne provides a platform designed to streamline vulnerability coordination and bug bounty program by enlisting hackers.
Forcepoint Web Security Suite - Internet Security
YesWeHack - Global Bug Bounty & Vulnerability Management Platform
Acunetix - Audit your website security and web applications for SQL injection, Cross site scripting and other...
Intigriti - Intigriti offers bug bounty and agile penetration testing solutions powered by Europe's #1 leading network of ethical hackers.
Trustwave Services - Trustwave is a leading cybersecurity and managed security services provider that helps businesses fight cybercrime, protect data and reduce security risk.