README
ΒΆ
Public BugBounty Programs
Community curated list of public bug bounty and responsible disclosure programs.
This repo serves as the central management system for the public bug bounty programs used on Chaos by ProjectDiscovery.
Data Model
- Source file:
src/data.yaml - Generated output:
dist/data.json - Schema:
src/data.schema.json
Each program entry includes:
name(string)url(http/httpsURL)bounty(boolean)domains(array of root/apex domains)
Example entry in src/data.yaml:
- name: Example Bug Bounty Program
url: https://example.com/bugbounty
bounty: true
domains:
- example.com
- example.org
We welcome your contributions to this list. If there are specific programs for which you'd like to see reconnaissance data, please submit a pull request. Make sure to give the contributing guidelines a quick read first so everything runs smoothly.
Your contributions will help us to continually improve and expand the range of public bug bounty programs we feature.
π¬ Discussions
For any inquiries, suggestions, or topics you'd like to discuss, we encourage you to initiate a "Discussion" using our GitHub Discussions platform.
π¨βπ» Community
We invite you to join our Discord Community for more interactive discussions.
Stay updated with our latest news and activities by following ProjectDiscovery on Twitter.
For direct communication, feel free to reach us at contact@projectdiscovery.io.
π Guidelines
- Refer to
CONTRIBUTING.mdfor complete contributor guidelines.
π References
- https://github.com/arkadiyt/bounty-targets-data
- https://github.com/disclose/diodb/blob/master/program-list.json
- https://firebounty.com
We greatly appreciate your contributions and your efforts in keeping our community dynamic and engaging. β€
Directories
ΒΆ
| Path | Synopsis |
|---|---|
|
cmd
|
|
|
bbp-scope
command
|
|
|
httpx-tester
command
|
|
|
validate-domains
command
|
|
|
internal
|
|