Report a Vulnerability
Submit, help fixing, get kudos.
Start a Bug Bounty
Run your bounty program for free.
533,799 coordinated disclosures
345,110 fixed vulnerabilities
804 bug bounties with 1,576 websites
16,404 researchers, 1116 honor badges
Overpaying Bug Bounty Management Fees?
Try Crowd Security Testing at Open Bug Bounty Platform
Open Bug Bounty is an open, disintermediated, cost-free, and community-driven Bug Bounty
platform for coordinated, responsible and ISO 29147 compatible vulnerability disclosure

上海夜会

 Community helped fix
345,110 vulnerabilities


Testimonials About Our Security Researchers
bmwghp from University of Tokyo      @bmwghp

"Thanks for your report of a vulnerability on our site and quick response to our request of additional information. We were able to fix the problem very soon."

Responsible Disclosure from A1 Telekom Austria      @PaulMar23292621

"Hey,sorry last time I checked your site I didn't see this way to get in contact with you. Thank you very much for your submission to us. As you have noticed the issue has already been fixed. We don't have a hall of fame yet, but I will make sure that you are on it once it arrives. Please excuse the late reply.All the best,RD @ A1"

Peter from Philips      @PeterQsm94934

"Pedro did a swift job in disclosing the vulnerability he found. Thanks!"

Rob McGregor from VERIZON      @RobMcGregor4

"Indeed professional, rapid to respond, and we do look forward to working together for any future issues identified. Keep up the good work!!"

Robert Philipps from eBay Inc.      @rophilipps

"Very professional security researcher.dim0k found an unknown XSS vulnerability on one of our sites and provided us with clear information about how and where to find the issue, so we could resolve it very fast. We here at eBay can say that this was a very pleasant experience and are very thankful for his great work!"

Josef Nedstam from IKEA IT      @DrNedstam

"Donkey provided professional help and we are grateful for the discovery of these unfortunate vulnerabilities. Don't hesitate to contact this researcher if your site has reported issues"

ycjisysspg_sec from Yamaha Corporation      @ycjisysspg_sec

"Thank you tbmnull for finding the XSS vulnerability on www.yamaha.com (Reports No: 180851, 180214). Though a long time has passed from your reporting, we inform that we mended the vulnerabilities.Keep up the good work!"

Adam Hess from Brooklyn Law School      @AdamHessDev

"Serge, Thank you for helping us finding vulnerabilities in our website. I appreciated your responsiveness and clear demonstration of the exploit."

Tony from British Library      @SecurityBl

"Thank you Sohel for identifying a vulnerability on our site which has contributed to making it more secure. Thank you."

Gary from UC Berkeley      @casterln

"Much appreciated alert. Will take seriously any future notices for sure. Very helpful. Recommended!"

Paddy from Twitter      @paddydrums

"Thanks for helping out. Fast and helpful response."

Alin Tomescu from MIT      @alinush407

"localblackhat (CMD) found an XSS bug on our website which we were able to quickly fix thanks to her/his help."

"Thanks for finding the XSS vulnerability - very helpful, and he was quick to respond when I couldn't reproduce it."

Josef Krycha from Canon Europe Ltd.      @JKrycha

"DrStache reported multiple vulnerabilities in Canon websites ranging form reflected XSS's, SQL injections to information disclosure. All findings were valid and the communication with him was quick and efficient. Thank you for your help and best of luck!"

Computer Center from University of Vienna      @ziduniwien

"Dear SonnySpooks,The University of Vienna would like to thank you for your valuable contribution in finding multiple website security issues.Your input is highly welcome and helps to raise the security level of our educational institution.Servus and greetings from Vienna, Austria."

Patrick Saladino from EPFL      @patricksaladino

"Dear Serge,The EPFL would like to thank you for identifying and responsibly disclosing a vulnerability on one of our websites. Your responsiveness was also greatly appreciated."

Omey from Dell      @omey_09

"Thank you for your great assistance for finding XSS vulnerability on our site. Keep it up....."

Silas from Virgin Australia      @__sw1tch__

"Dan is incredibly professional, very responsive and a pleasure to work with. Many thanks!"

Philippe C. from Santé publique France      @sahorle

"Merci pour la notification. La faille de sécurité est corrigée."

Axel Schmidt from TeamViewer      @TeamViewer

"Cameron helped us significantly improve our services, and certainly proved to be extremely knowledgeable. We are extremely grateful to him and very much appreciate his research."



上海夜会

Top Bug Bounty ProgramsRecently Started

上海夜会

WebsiteReported byDate
24.06.2020
24.06.2020
24.06.2020
24.06.2020
24.06.2020
24.06.2020
24.06.2020
24.06.2020
24.06.2020

Awards Our Security Researchers Get
Open Bug Bounty Researcher wins lot of gift-cardsOpen Bug Bounty Researcher wins lot of bountiesOpen Bug Bounty Researcher wins lot of monay bounties
Open Bug Bounty Researcher wins Canon PixmaOpen Bug Bounty Researcher wins hoodyOpen Bug Bounty Researcher wins chocolate
Open Bug Bounty Researcher wins $600,00 USDOpen Bug Bounty Researcher wins Dry JinOpen Bug Bounty Researcher wins BlackBoard
Open Bug Bounty Researcher wins Dry JinOpen Bug Bounty Researcher wins Red Bull reserveOpen Bug Bounty Researcher wins powerbeats headphones
Open Bug Bounty Researcher wins WineOpen Bug Bounty Researcher wins $200,00 USDOpen Bug Bounty Researcher wins Vape
Open Bug Bounty Researcher wins watchesOpen Bug Bounty Researcher wins T-ShirtOpen Bug Bounty Researcher wins Vape
Open Bug Bounty Researcher wins FRITZ!BoxOpen Bug Bounty Researcher wins headphonesOpen Bug Bounty Researcher wins 500 EUR
Open Bug Bounty Researcher wins BountyOpen Bug Bounty Researcher wins MacBook ProOpen Bug Bounty Researcher wins lot of bounties


Most Recommended Security Researchers

Security ResearcherRecommendationsReputation
106
1630
96
1820
91
1310
88
1350
76
1240
69
940
69
720
60
830
58
580

VIP Websites Top Security Researchers

Security ResearcherBadgesHelped Secure
10
1339 VIP Websites  
11
1382 VIP Websites  
8
603 VIP Websites  
8
851 VIP Websites  
8
732 VIP Websites  
11
632 VIP Websites  
5
432 VIP Websites  
9
510 VIP Websites  
12
422 VIP Websites  

DevSecOps Compatible Bug Bounty and Crowd Security Testing

Open Bug Bounty and Jira SoftwareOpen Bug Bounty and SplunkOpen Bug Bounty and mantis Bug TrackerOpen Bug Bounty and Jira BugZilla


Coordinated and Responsible Disclosure

Recently Patched

WebsitePatched onReported by
24.06.2020
24.06.2020
24.06.2020
24.06.2020
24.06.2020
24.06.2020
24.06.2020
24.06.2020
23.06.2020

Quickest Patched

WebsitePatched inPatched onReported by
2 minutes
27.01.2020
14 minutes
05.06.2020
29 minutes
08.06.2020
49 minutes
21.04.2020
1 hour
12.12.2019
1 hour
01.06.2020
2 hours
27.11.2019
2 hours
02.08.2019
3 hours
09.09.2019

Top Alexa Rank Websites

WebsiteStatusReported by
patched
patched
patched
patched
patched
patched
patched
patched
patched

Top Google PR Websites

WebsiteStatusReported by
patched
patched
patched
patched
patched
patched
patched
patched
patched