Open Bug Bounty
HackerOne
Bugcrowd
Intigriti
HackenProof
Hackrate
SafeHats
Bugheist
YesWeHack
HackerOne
Bugcrowd
Intigriti
HackenProof
Hackrate
SafeHats
Federacy
YesWeHack is a leading Bug Bounty and Vulnerability Management Platform. Founded by ethical hackers in 2015, YesWeHack connects organisations worldwide to tens of thousands of ethical hackers, who uncover vulnerabilities in websites, mobile apps, connected devices and digital infrastructure.
Bug Bounty programs benefit from in-house triage, personalised support, a customisable model and results-based pricing. Clients include ZTE, Tencent, Swiss Post, Orange France and the French Ministry of Armed Forces.
The YesWeHack platform offers a range of integrated, API-based solutions: Bug Bounty (crowdsourcing vulnerability discovery); Vulnerability Disclosure Policy (creating and managing a secure channel for external vulnerability reporting); Pentest Management (managing pentest reports from all sources); Attack Surface Management (continuously mapping online exposure and detecting attack vectors); and ‘Dojo’ and YesWeHackEDU (ethical hacking training).
YesWeHack's services have ISO 27001 and ISO 27017 certifications, and its IT infrastructure is hosted by EU-based IaaS providers, compliant with the most stringent standards: ISO 27001 (+ 27017, 27018 & 27701), CSA STAR, SOC I/II Type 2 and PCI DSS.
Find out more at www.yeswehack.com
Open Bug Bounty YesWeHackNo features have been listed yet.
No Open Bug Bounty videos yet. You could help us improve this page by suggesting one.
Based on our record, Open Bug Bounty should be more popular than YesWeHack. It has been mentiond 3 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
If someone has reported a potential exploit via openbugbounty.org and has contacted you saying you must disclose this issue, how must you go about that to be compliant? Source: almost 2 years ago
Also depending on where you're at (e.g. Which country), it may be perfectly legal for you to test for non-instrusive vulns (I.e. xss/csrf/redirects) legally without permission, as long as you aren't actually weaponizing them.. So I used to test for that stuff against live sites in the wild and then report it via projects like https://openbugbounty.org/ just as a way to get some practice in against live targets. Source: over 2 years ago
I used Open Bug Bounty quite a lot, but to be honest, most of it was just sending e-mails to the affected company. I suppose you could call it cold calling. Source: almost 3 years ago
There are many resources online nowadays to learn security. You can do challenges on https://root-me.org, https://www.hackthebox.com/, https://overthewire.org/wargames/, etc. You can participate in security competitions (CTFs), see https://ctftime.org for a list of upcoming events. And finally if you are more interested in web security you can look for bugs on websites and get paid for it by https://hackerone.com... Source: about 1 year ago
HackerOne - HackerOne provides a platform designed to streamline vulnerability coordination and bug bounty program by enlisting hackers.
Bugcrowd - Harness the largest pool of curated and ranked security researchers to run the most efficient bug bounty and penetration tests
Intigriti - Intigriti offers bug bounty and agile penetration testing solutions powered by Europe's #1 leading network of ethical hackers.
HackenProof - The world trusted Bug Bounty Platform for crypto projects
Hackrate - Our platform helps companies to identify software vulnerabilities in a cost-efficient way. It provides a secure and centralized view of ethical hacking projects for your company.
SafeHats - Safehats is providing bug bounty and vulnerability disclosure services to enterprises.
