diff --git a/README.md b/README.md index 434cfb6..826194d 100644 --- a/README.md +++ b/README.md @@ -2,25 +2,25 @@ A comprehensive curated list of available Bug Bounty and Disclosure Programs. ### Available Programs -- [123Contact Form](http://www.123contactform.com/contactus.html) -- [99designs](https://hackerone.com/99designs/reports/new) +- [123Contact Form](http://www.123contactform.com/security-acknowledgements.htm) +- [99designs](https://hackerone.com/99designs) - [Abacus](https://bugcrowd.com/abacus/report) - [Acquia](mailto:security@acquia.com) - [ActiveCampaign](mailto:security@activecampaign.com) - [ActiveProspect](mailto:security@activeprospect.com) -- [Adobe](https://hackerone.com/adobe/reports/new) +- [Adobe](https://hackerone.com/adobe) - [AeroFS](mailto:security@aerofs.com) -- [Airbitz](https://cobalt.io/airbitz/reports/new) -- [Airbnb](https://hackerone.com/airbnb/reports/new) -- [Algolia](https://hackerone.com/algolia/reports/new) +- [Airbitz](https://cobalt.io/airbitz) +- [Airbnb](https://hackerone.com/airbnb) +- [Algolia](https://hackerone.com/algolia) - [Altervista](http://en.altervista.org/feedback.php?who=feedback) - [Amara](mailto:security@amara.org) - [Amazon Web Services](mailto:aws-security@amazon.com) - [Amazon.com](mailto:security@amazon.com) - [ANCILE Solutions Inc.](https://bugcrowd.com/ancile/report) -- [Anghami](https://hackerone.com/anghami/reports/new) -- [ANXBTC](https://cobalt.io/anxbtc/reports/new) -- [Apache httpd](https://hackerone.com/ibb-apache/reports/new) +- [Anghami](https://hackerone.com/anghami) +- [ANXBTC](https://cobalt.io/anxbtc) +- [Apache httpd](https://hackerone.com/ibb-apache) - [Appcelerator](mailto:Infosec@appcelerator.com) - [Apple](mailto:product-security@apple.com) - [Apptentive](https://www.apptentive.com/contact) @@ -33,395 +33,395 @@ A comprehensive curated list of available Bug Bounty and Disclosure Programs. - [Atlassian](https://securitysd.atlassian.net/servicedesk/customer/portal/2) - [Attack-Secure](mailto:admin@attack-secure.com) - [Authy](mailto:security@authy.com) -- [Automattic](https://hackerone.com/automattic/reports/new) +- [Automattic](https://hackerone.com/automattic) - [Avast!](mailto:bugs@avast.com) - [Avira](mailto:vulnerabilities@avira.com) -- [AwardWallet](https://cobalt.io/awardwallet/reports/new) +- [AwardWallet](https://cobalt.io/awardwallet) - [Badoo](https://corp.badoo.com/en/security/#send_bid) - [Barracuda](https://bugcrowd.com/barracuda/report) - [Basecamp](mailto:security@basecamp.com) - [Beanstalk](https://wildbit.wufoo.com/forms/wildbit-security-response) -- [BillGuard](https://cobalt.io/billguard/reports/new) -- [Billys Billing](https://cobalt.io/billys-billing/reports/new) -- [Binary.com](https://hackerone.com/binary/reports/new) -- [Binary.com Cashier](https://hackerone.com/binary_cashier/reports/new) -- [BitBandit.eu](https://cobalt.io/bitbandit-eu/reports/new) +- [BillGuard](https://cobalt.io/billguard) +- [Billys Billing](https://cobalt.io/billys-billing) +- [Binary.com](https://hackerone.com/binary) +- [Binary.com Cashier](https://hackerone.com/binary_cashier) +- [BitBandit.eu](https://cobalt.io/bitbandit-eu) - [Bitcasa](mailto:security@bitcasa.com) -- [BitCasino](https://cobalt.io/bitcasino/reports/new) -- [BitGo](https://cobalt.io/bitgo/reports/new) -- [BitHealth](https://cobalt.io/bithealth/reports/new) -- [BitHunt](https://hackerone.com/bithunt/reports/new) -- [BitMEX](https://cobalt.io/bitmex/reports/new) -- [Bitoasis](https://cobalt.io/bitoasis/reports/new) -- [Bitpagos](https://cobalt.io/bitpagos/reports/new) -- [Bitrated](https://cobalt.io/bitrated/reports/new) -- [Bitreserve](https://cobalt.io/bitreserve/reports/new) -- [Bitspark](https://cobalt.io/bitspark/reports/new) -- [Bitwage](https://cobalt.io/bitwage/reports/new) +- [BitCasino](https://cobalt.io/bitcasino) +- [BitGo](https://cobalt.io/bitgo) +- [BitHealth](https://cobalt.io/bithealth) +- [BitHunt](https://hackerone.com/bithunt) +- [BitMEX](https://cobalt.io/bitmex) +- [Bitoasis](https://cobalt.io/bitoasis) +- [Bitpagos](https://cobalt.io/bitpagos) +- [Bitrated](https://cobalt.io/bitrated) +- [Bitreserve](https://cobalt.io/bitreserve) +- [Bitspark](https://cobalt.io/bitspark) +- [Bitwage](https://cobalt.io/bitwage) - [BitWall](mailto:request@bitwall.io) -- [BitYes](https://cobalt.io/bityes/reports/new) +- [BitYes](https://cobalt.io/bityes) - [BlackBerry](https://global.blackberry.com/secure/report-an-issue/en.html) - [Blackboard](mailto:learnsecurity@blackboard.com) - [Blackphone](https://bugcrowd.com/blackphone/report) - [Blesta](mailto:security@blesta.com) -- [Block.io](https://hackerone.com/blockio/reports/new) -- [Block.io, Inc.](https://cobalt.io/block-io-inc/reports/new) -- [Blockchain.info](https://cobalt.io/blockchain-info/reports/new) -- [BlockScore](https://cobalt.io/blockscore/reports/new) -- [Bookfresh](https://hackerone.com/bookfresh/reports/new) +- [Block.io](https://hackerone.com/blockio) +- [Block.io, Inc.](https://cobalt.io/block-io-inc) +- [Blockchain.info](https://cobalt.io/blockchain-info) +- [BlockScore](https://cobalt.io/blockscore) +- [Bookfresh](https://hackerone.com/bookfresh) - [Box](mailto:security-reports@box.com) - [Braintree](mailto:security@braintreepayments.com) -- [BTC_sx](https://cobalt.io/btc-sx/reports/new) +- [BTC_sx](https://cobalt.io/btc-sx) - [Buffer](mailto:security@bufferapp.com) -- [BX.in.th](https://cobalt.io/bx-in-th/reports/new) -- [C2FO](https://hackerone.com/c2fo/reports/new) +- [BX.in.th](https://cobalt.io/bx-in-th) +- [C2FO](https://hackerone.com/c2fo) - [Campaign Monitor](https://help.campaignmonitor.com/contact) - [CARD.com](https://bugcrowd.com/card/report) -- [Catchafire](https://cobalt.io/catchafire/reports/new) -- [Caviar](https://hackerone.com/caviar/reports/new) +- [Catchafire](https://cobalt.io/catchafire) +- [Caviar](https://hackerone.com/caviar) - [CCBill](mailto:bugrewards@ccbill.com) -- [CERT/CC](https://hackerone.com/cert/reports/new) -- [Certly](https://hackerone.com/certly/reports/new) -- [ChainPay](https://cobalt.io/chainpay/reports/new) -- [ChangeTip](https://cobalt.io/changetip/reports/new) +- [CERT/CC](https://hackerone.com/cert) +- [Certly](https://hackerone.com/certly) +- [ChainPay](https://cobalt.io/chainpay) +- [ChangeTip](https://cobalt.io/changetip) - [Chargify](https://bugcrowd.com/chargify/report) - [Chromium Project](https://code.google.com/p/chromium/issues/entry?template=Security%20Bug) -- [Circle](https://cobalt.io/circle/reports/new) +- [Circle](https://cobalt.io/circle) - [CircleCI](mailto:security@circleci.com) - [Cisco](http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html#roosfassv) - [Clojars](mailto:contact@clojars.org) -- [CloudFlare](https://hackerone.com/cloudflare/reports/new) -- [Cobalt](https://cobalt.io/cobalt/reports/new) +- [CloudFlare](https://hackerone.com/cloudflare) +- [Cobalt](https://cobalt.io/cobalt) - [Code Climate](mailto:security@codeclimate.com) -- [CodeIgniter](https://hackerone.com/codeigniter/reports/new) +- [CodeIgniter](https://hackerone.com/codeigniter) - [CodePen](https://bugcrowd.com/codepen/report) -- [Coin Republic](https://cobalt.io/coin-republic/reports/new) -- [Coin.Space](https://hackerone.com/coinspace/reports/new) -- [Coinage](https://cobalt.io/coinage/reports/new) -- [Coinbase](https://hackerone.com/coinbase/reports/new) -- [CoinDaddy](https://cobalt.io/coindaddy/reports/new) +- [Coin Republic](https://cobalt.io/coin-republic) +- [Coin.Space](https://hackerone.com/coinspace) +- [Coinage](https://cobalt.io/coinage) +- [Coinbase](https://hackerone.com/coinbase) +- [CoinDaddy](https://cobalt.io/coindaddy) - [Coinkite](mailto:feedback@coinkite.com?subject=%5BVulnerability%5D%20-%20) -- [Coinport](https://cobalt.io/coinport/reports/new) -- [coins.ph](https://cobalt.io/coins-ph/reports/new) -- [Cointrader.net](https://cobalt.io/cointrader-net/reports/new) -- [Coinvoy](https://cobalt.io/coinvoy/reports/new) +- [Coinport](https://cobalt.io/coinport) +- [coins.ph](https://cobalt.io/coins-ph) +- [Cointrader.net](https://cobalt.io/cointrader-net) +- [Coinvoy](https://cobalt.io/coinvoy) - [Compose](mailto:security@compose.io) -- [concrete5](https://hackerone.com/concrete5/reports/new) +- [concrete5](https://hackerone.com/concrete5) - [Constant Contact](mailto:vulnerability@constantcontact.com) -- [Counterparty](https://cobalt.io/counterparty/reports/new) +- [Counterparty](https://cobalt.io/counterparty) - [Coupa](mailto:security@coupa.com) -- [Coursera](https://hackerone.com/coursera/reports/new) +- [Coursera](https://hackerone.com/coursera) - [cPanel](mailto:security@cpanel.net) - [cPaperless](mailto:support@cPaperless.com) -- [Crix.io](https://cobalt.io/crixio/reports/new) +- [Crix.io](https://cobalt.io/crixio) - [Cryptocat](https://github.com/cryptocat/cryptocat/issues) - [Cupcake](mailto:security@cupcake.io) - [CustomerInsight](mailto:admin@customerinsight.ca) -- [Cylance](https://hackerone.com/cylance/reports/new) +- [Cylance](https://hackerone.com/cylance) - [Dato Capital](mailto:security%40datocapital.com) - [Detectify](mailto:disclosure@detectify.com) - [DigitalOcean](mailto:security@digitalocean.com) -- [DigitalSellz](https://hackerone.com/digitalsellz/reports/new) -- [Django](https://hackerone.com/django/reports/new) +- [DigitalSellz](https://hackerone.com/digitalsellz) +- [Django](https://hackerone.com/django) - [Doorkeeper](mailto:info@doorkeeper.jp) -- [DoSomething](https://cobalt.io/dosomething/reports/new) +- [DoSomething](https://cobalt.io/dosomething) - [DPD](mailto:security@dpd.zendesk.com) -- [Dropbox](https://hackerone.com/dropbox/reports/new) -- [Dropbox Acquisitions](https://hackerone.com/dropbox-acquisitions/reports/new) +- [Dropbox](https://hackerone.com/dropbox) +- [Dropbox Acquisitions](https://hackerone.com/dropbox-acquisitions) - [Drupal](https://www.drupal.org/node/101494) - [eBay](http://pages.ebay.com/securitycenter/Researchers.html) - [Eclipse](mailto:security@eclipse.org) - [EMC](mailto:security_alert@emc.com) - [Enano](mailto:security@enanocms.org) - [Engine Yard](mailto:security@engineyard.com) -- [Envoy](https://hackerone.com/envoy/reports/new) -- [Eobot](https://cobalt.io/eobot/reports/new) +- [Envoy](https://hackerone.com/envoy) +- [Eobot](https://cobalt.io/eobot) - [EthnoHub](mailto:security@ethnohub.com) - [Etsy](https://www.etsy.com/bounty) - [EVE](mailto:security@ccpgames.com) - [Event Espresso](http://eventespresso.com/report-a-security-vulnerability) - [Evernote](mailto:security@evernote.com) - [Expatistan](mailto:gerardo@expatistan.com) -- [ExpressionEngine](https://hackerone.com/expressionengine/reports/new) -- [Ezbob](https://cobalt.io/ezbob/reports/new) +- [ExpressionEngine](https://hackerone.com/expressionengine) +- [Ezbob](https://cobalt.io/ezbob) - [Facebook](https://www.facebook.com/whitehat/report) -- [Faceless](https://hackerone.com/faceless/reports/new) -- [Factlink](https://hackerone.com/factlink/reports/new) -- [FanFootage](https://hackerone.com/fanfootage/reports/new) -- [FastSlots](https://cobalt.io/fastslots/reports/new) -- [Flash](https://hackerone.com/flash/reports/new) +- [Faceless](https://hackerone.com/faceless) +- [Factlink](https://hackerone.com/factlink) +- [FanFootage](https://hackerone.com/fanfootage) +- [FastSlots](https://cobalt.io/fastslots) +- [Flash](https://hackerone.com/flash) - [Flood](mailto:support@flood.io) - [Flow Dock](mailto:security@flowdock.com) -- [Flox](https://hackerone.com/flox/reports/new) +- [Flox](https://hackerone.com/flox) - [Fluxiom](mailto:security@fluxiom.com) - [Fog Creek](http://www.fogcreek.com/contact) - [FormAssembly](mailto:security@formassembly.com) -- [Founder Bliss](https://cobalt.io/founder-bliss/reports/new) +- [Founder Bliss](https://cobalt.io/founder-bliss) - [Foursquare](mailto:security@foursquare.com) - [Freelancer](mailto:security-reporting@freelancer.com) - [Gallery](mailto:security@galleryproject.org) - [Gamma](mailto:security-alert@intergamma.nl) - [Gemfury](mailto:security@gemfury.com) -- [General Motors](https://hackerone.com/gm/reports/new) -- [GhostMail](https://hackerone.com/gmguys/reports/new) +- [General Motors](https://hackerone.com/gm) +- [GhostMail](https://hackerone.com/gmguys) - [GiftCards.com](mailto:sitesecurity@giftcards.com) - [GitHub](https://bounty.github.com/submit-a-vulnerability.html) -- [GitLab](https://hackerone.com/gitlab/reports/new) -- [GlassWire](https://hackerone.com/glasswire/reports/new) +- [GitLab](https://hackerone.com/gitlab) +- [GlassWire](https://hackerone.com/glasswire) - [Gliph](mailto:security@gli.ph) -- [GlobaLeaks](https://hackerone.com/globaleaks/reports/new) +- [GlobaLeaks](https://hackerone.com/globaleaks) - [Google PRP](mailto:security-patches@google.com) - [Google VRP](https://www.google.com/appserve/security-bugs/m2/new?rl=&key=) -- [Gratipay](https://hackerone.com/gratipay/reports/new) -- [GreenAddress](https://cobalt.io/greenaddress/reports/new) -- [Greenhouse.io](https://hackerone.com/greenhouse/reports/new) +- [Gratipay](https://hackerone.com/gratipay) +- [GreenAddress](https://cobalt.io/greenaddress) +- [Greenhouse.io](https://hackerone.com/greenhouse) - [Grok Learning](mailto:security@groklearning.com) -- [HackerOne](https://hackerone.com/security/reports/new) +- [HackerOne](https://hackerone.com/security) - [Harmony](mailto:security@collectiveidea.com) - [Heroku](https://bugcrowd.com/heroku/report) - [Hex-Rays](mailto:bugbounty@hex-rays.com) -- [Hive Wallet](https://cobalt.io/hive-wallet/reports/new) +- [Hive Wallet](https://cobalt.io/hive-wallet) - [Hootsuite](mailto:security@hootsuite.com) - [HTC](mailto:security@htc.com) - [Huawei](mailto:psirt@huawei.com) -- [Hubdia](https://hackerone.com/hubdia/reports/new) +- [Hubdia](https://hackerone.com/hubdia) - [Humble Bundle](https://bugcrowd.com/humblebundle/report) -- [Ian Dunn](https://hackerone.com/iandunn-projects/reports/new) +- [Ian Dunn](https://hackerone.com/iandunn-projects) - [IBM](https://www.ibm.com/scripts/contact/contact/us/en/security_vulnerabilities) - [ICEcoder](https://bugcrowd.com/icecoder/report) - [Iconfinder](mailto:support@iconfinder.com) - [Ifixit](mailto:security@ifixit.com) -- [Imgur](https://hackerone.com/imgur/reports/new) -- [ImpressPages](https://cobalt.io/impresspages/reports/new) +- [Imgur](https://hackerone.com/imgur) +- [ImpressPages](https://cobalt.io/impresspages) - [Indeed](https://bugcrowd.com/indeed/report) -- [Independent Reserve](https://cobalt.io/independent-reserve/reports/new) -- [Informatica](https://hackerone.com/informatica/reports/new) +- [Independent Reserve](https://cobalt.io/independent-reserve) +- [Informatica](https://hackerone.com/informatica) - [IntegraXor](http://www.integraxor.com/support.html) - [Internetwache](mailto:security@internetwache.org) -- [InVision](https://hackerone.com/invision/reports/new) -- [IRCCloud](https://hackerone.com/irccloud/reports/new) -- [itBit Exchange](https://hackerone.com/itbit/reports/new) +- [InVision](https://hackerone.com/invision) +- [IRCCloud](https://hackerone.com/irccloud) +- [itBit Exchange](https://hackerone.com/itbit) - [ITRP](mailto:security@itrp.com) -- [joola.io](https://hackerone.com/joola-io/reports/new) +- [joola.io](https://hackerone.com/joola-io) - [Joomla](http://vel.joomla.org/submit-vel) - [JRuby](mailto:security@jruby.org) -- [jsDelivr](https://hackerone.com/jsdelivr/reports/new) +- [jsDelivr](https://hackerone.com/jsdelivr) - [Juniper](mailto:sirt@juniper.net) -- [Kadira](https://hackerone.com/kadira/reports/new) +- [Kadira](https://hackerone.com/kadira) - [Kaneva](mailto:security@kaneva.com) - [Kayako](http://my.kayako.com/Tickets/Submit) - [Kenna](https://bugcrowd.com/riskio/report) -- [Keybase](https://hackerone.com/keybase/reports/new) -- [Khan Academy](https://hackerone.com/khanacademy/reports/new) +- [Keybase](https://hackerone.com/keybase) +- [Khan Academy](https://hackerone.com/khanacademy) - [Kraken](mailto:bugbounty@kraken.com) -- [Lancor Income](https://cobalt.io/lancor-income/reports/new) +- [Lancor Income](https://cobalt.io/lancor-income) - [LastPass](mailto:security@lastpass.com) - [LaunchKey](mailto:security@launchkey.com) -- [Lean Testing](https://hackerone.com/leantesting/reports/new) -- [leetfiles](https://hackerone.com/leetfiles/reports/new) +- [Lean Testing](https://hackerone.com/leantesting) +- [leetfiles](https://hackerone.com/leetfiles) - [Librato](mailto:security@librato.com) -- [LibSass](https://hackerone.com/libsass/reports/new) +- [LibSass](https://hackerone.com/libsass) - [Liferay](mailto:security@liferay.com) - [LinkedIn](mailto:security@linkedin.com) - [LiveEnsure](http://www.liveensure.com/contact.php) -- [LocalBitcoins](https://cobalt.io/localbitcoins/reports/new) -- [Localize](https://hackerone.com/localize/reports/new) +- [LocalBitcoins](https://cobalt.io/localbitcoins) +- [Localize](https://hackerone.com/localize) - [Logentries](mailto:security@logentries.com) - [Lookout](mailto:security@lookout.com) - [Magento](mailto:security@magento.com) - [MAGIX](mailto:security@magix.net) - [Mahara](mailto:security@mahara.org) -- [MaiCoin](https://cobalt.io/maicoin/reports/new) -- [Mail.Ru](https://hackerone.com/mailru/reports/new) -- [Mailbird](https://cobalt.io/mailbird/reports/new) +- [MaiCoin](https://cobalt.io/maicoin) +- [Mail.Ru](https://hackerone.com/mailru) +- [Mailbird](https://cobalt.io/mailbird) - [MailChimp](http://mailchimp.com/about/security-response/) -- [ManageBGL](https://cobalt.io/managebgl/reports/new) +- [ManageBGL](https://cobalt.io/managebgl) - [ManageWP](mailto:security@managewp.com) -- [MapLogin](https://hackerone.com/maplogin/reports/new) -- [Marktplatts](https://hackerone.com/marktplaats/reports/new) -- [Mavenlink](https://hackerone.com/mavenlink/reports/new) -- [Maximum](https://hackerone.com/maximum/reports/new) +- [MapLogin](https://hackerone.com/maplogin) +- [Marktplatts](https://hackerone.com/marktplaats) +- [Mavenlink](https://hackerone.com/mavenlink) +- [Maximum](https://hackerone.com/maximum) - [MCProHosting](https://bugcrowd.com/mcprohostings/report) - [MEGA](mailto:bugs@mega.co.nz) -- [Mercury](https://cobalt.io/mercury/reports/new) -- [Meteor](https://hackerone.com/meteor/reports/new) -- [meXBT](https://cobalt.io/mexbt/reports/new) +- [Mercury](https://cobalt.io/mercury) +- [Meteor](https://hackerone.com/meteor) +- [meXBT](https://cobalt.io/mexbt) - [Microsoft](mailto:secure@microsoft.com) - [Mimecast](mailto:disclosure@mimecast.com) -- [Mobile Vikings](https://hackerone.com/mobilevikings/reports/new) +- [Mobile Vikings](https://hackerone.com/mobilevikings) - [Modus CSR](mailto:security@moduscsr.com) - [MoneyBird](mailto:security@moneybird.com) -- [MoneyStream](https://hackerone.com/moneystream/reports/new) +- [MoneyStream](https://hackerone.com/moneystream) - [Moodle](mailto:security@moodle.org) - [Motorola Solutions](mailto:security@motorolasolutions.com) - [Mozilla](https://bugzilla.mozilla.org/enter_bug.cgi) -- [mynxt.info](https://cobalt.io/mynxt-info/reports/new) +- [mynxt.info](https://cobalt.io/mynxt-info) - [Natures Organics](mailto:ict@naturesorganics.com.au) - [NCSC](mailto:cert@ncsc.nl) -- [Nearby Live](https://hackerone.com/nearby/reports/new) +- [Nearby Live](https://hackerone.com/nearby) - [Nest](mailto:security@nest.com) - [Netflix](mailto:security-report@netflix.com) -- [Nexmo](https://cobalt.io/nexmo/reports/new) -- [Nginx](https://hackerone.com/ibb-nginx/reports/new) +- [Nexmo](https://cobalt.io/nexmo) +- [Nginx](https://hackerone.com/ibb-nginx) - [Nitrous](mailto:security@nitrous.io) - [Nokia Networks](mailto:security-alert@nokia.com) -- [NoPass](https://cobalt.io/nopass/reports/new) +- [NoPass](https://cobalt.io/nopass) - [NZRS](mailto:security@nzrs.net.nz) - [Offensive Security](mailto:security@offensive-security.com) -- [ok.ru](https://hackerone.com/ok/reports/new) -- [OKCoin](https://cobalt.io/okcoin/reports/new) -- [OkCupid](https://hackerone.com/okcupid/reports/new) +- [ok.ru](https://hackerone.com/ok) +- [OKCoin](https://cobalt.io/okcoin) +- [OkCupid](https://hackerone.com/okcupid) - [Olark](mailto:security@olark.com) -- [Opal Cryptocurrency](https://cobalt.io/opal-cryptocurrency/reports/new) -- [Openfolio](https://hackerone.com/openfolio/reports/new) -- [OpenSSL](https://hackerone.com/ibb-openssl/reports/new) +- [Opal Cryptocurrency](https://cobalt.io/opal-cryptocurrency) +- [Openfolio](https://hackerone.com/openfolio) +- [OpenSSL](https://hackerone.com/ibb-openssl) - [OpenStack](https://security.openstack.org/#how-to-report-security-issues-to-openstack) - [OpenText](mailto:otst@opentext.com) - [Opera](https://bugs.opera.com/wizarddesktop) -- [Optimizely](https://cobalt.io/optimizely/reports/new) +- [Optimizely](https://cobalt.io/optimizely) - [Oracle](mailto:secalert_us@oracle.com) -- [ownCloud](https://hackerone.com/owncloud/reports/new) +- [ownCloud](https://hackerone.com/owncloud) - [PagerDuty](mailto:security@pagerduty.com) - [Pantheon](https://bugcrowd.com/pantheon/report) - [Panzura](mailto:security@panzura.com) -- [Paragon Initiative Enterprises](https://hackerone.com/paragonie/reports/new) +- [Paragon Initiative Enterprises](https://hackerone.com/paragonie) - [Paychoice](mailto:security@paychoice.com.au) - [PayMill](mailto:security@paymill.com) - [PayPal](mailto:https://www.paypal.com/bugbounty/register) -- [Perl](https://hackerone.com/ibb-perl/reports/new) -- [Phabricator](https://hackerone.com/phabricator/reports/new) +- [Perl](https://hackerone.com/ibb-perl) +- [Phabricator](https://hackerone.com/phabricator) - [PHP](https://bugs.php.net/report.php) - [Pidgin](mailto:security@pidgin.im) - [PikaPay](mailto:security@pikapay.com) - [PinoyHackNews](mailto:admin@pinoyhacknews.com) - [Pinterest](https://bugcrowd.com/pinterest/report) -- [Piwik Open Source Analytics](https://cobalt.io/piwik-open-source-analytics/reports/new) +- [Piwik Open Source Analytics](https://cobalt.io/piwik-open-source-analytics) - [Plone](mailto:security@plone.org) - [Pocket](mailto:security@getpocket.com) -- [Poloniex](https://cobalt.io/poloniex/reports/new) +- [Poloniex](https://cobalt.io/poloniex) - [Postmark](https://wildbit.wufoo.com/forms/wildbit-security-response) - [Prezi](mailto:security-bug-bounty@prezi.com) -- [Projectplace](https://hackerone.com/projectplace/reports/new) +- [Projectplace](https://hackerone.com/projectplace) - [PullReview](mailto:security@pullreview.com) - [Puppet labs](mailto:security@puppetlabs.com) - [PureVPN](https://bugcrowd.com/purevpn/report) - [Python](mailto:security@python.org) -- [QIWI](https://hackerone.com/qiwi/reports/new) -- [Quadriga CX](https://cobalt.io/quadriga-cx/reports/new) -- [QuickBT](https://cobalt.io/quickbt/reports/new) +- [QIWI](https://hackerone.com/qiwi) +- [Quadriga CX](https://cobalt.io/quadriga-cx) +- [QuickBT](https://cobalt.io/quickbt) - [Rackspace](mailto:security@rackspace.com) -- [Rdbhost_service](https://cobalt.io/rdbhost-service/reports/new) +- [Rdbhost_service](https://cobalt.io/rdbhost-service) - [Red Hat](mailto:site-security@redhat.com) - [Reddit](mailto:security@reddit.com) - [Relaso](mailto:security@relaso.com) - [RelateIQ](mailto:security@relateiq.com) - [Release Wire](http://www.releasewire.com/about/contact) -- [Respondly](https://hackerone.com/respondly/reports/new) -- [Revive Adserver](https://hackerone.com/revive_adserver/reports/new) +- [Respondly](https://hackerone.com/respondly) +- [Revive Adserver](https://hackerone.com/revive_adserver) - [Ribose](https://www.ribose.com/feedbacks/security) -- [Ripio](https://cobalt.io/ripio/reports/new) +- [Ripio](https://cobalt.io/ripio) - [Ripple](mailto:bugs@ripple.com) - [Riskalyze](mailto:security@riskalyze.com) -- [Romit](https://hackerone.com/romit/reports/new) +- [Romit](https://hackerone.com/romit) - [Ruby](mailto:security@ruby-lang.org) -- [Ruby on Rails](https://hackerone.com/rails/reports/new) +- [Ruby on Rails](https://hackerone.com/rails) - [Salesforce](mailto:security@salesforce.com) - [Samsung TV](https://samsungtvbounty.com/ReportBug.aspx) -- [Sandbox Escape](https://hackerone.com/sandbox/reports/new) +- [Sandbox Escape](https://hackerone.com/sandbox) - [SAP](mailto:secure@sap.com) - [Schuberg Philis](mailto:abuse@schubergphilis.com) - [Scorpion Software](mailto:security@scorpionsoft.com) -- [Secret](https://hackerone.com/secret/reports/new) +- [Secret](https://hackerone.com/secret) - [Secure Works](mailto:security@secureworks.com) - [Sellfy](http://docs.sellfy.com/contact) - [ServiceRocket](https://bugcrowd.com/servicerocket/report) - [ShareLaTeX](mailto:team@sharelatex.com) -- [Sherpany](https://cobalt.io/sherpany/reports/new) -- [Shopify](https://hackerone.com/shopify/reports/new) +- [Sherpany](https://cobalt.io/sherpany) +- [Shopify](https://hackerone.com/shopify) - [Sifter](mailto:security@sifterapp.com?subject=%27Security%20Vulnerability%20Report%27) - [Silent Circle](https://bugcrowd.com/silentcircle/report) - [Simple](https://bugcrowd.com/simple/report) - [SiteGround](mailto:responsible-disclosure@siteground.com) - [Skoodat](mailto:security@skoodat.com) -- [Skrill](https://cobalt.io/skrill/reports/new) -- [Slack](https://hackerone.com/slack/reports/new) -- [Snapchat](https://hackerone.com/snapchat/reports/new) +- [Skrill](https://cobalt.io/skrill) +- [Slack](https://hackerone.com/slack) +- [Snapchat](https://hackerone.com/snapchat) - [Snappy](mailto:security@userscape.com) - [Sonatype](mailto:security@sonatype.com) - [Sony](https://secure.sony.net/form) - [SoundCloud](https://scsecurity.freshdesk.com/support/tickets/new) -- [SpectroCoin](https://cobalt.io/spectrocoin/reports/new) -- [Spendbitcoins](https://cobalt.io/spendbitcoins/reports/new) +- [SpectroCoin](https://cobalt.io/spectrocoin) +- [Spendbitcoins](https://cobalt.io/spendbitcoins) - [SplashID](https://bugcrowd.com/splashid/report) - [Splitwise](mailto:security@splitwise.com) - [Spotify](mailto:security@spotify.com) - [Sprout Social](mailto:security@sproutsocial.com) -- [Square](https://hackerone.com/square/reports/new) -- [Square Open Source](https://hackerone.com/square-open-source/reports/new) +- [Square](https://hackerone.com/square) +- [Square Open Source](https://hackerone.com/square-open-source) - [StatusPage](https://bugcrowd.com/sunrise/report) -- [StopTheHacker](https://hackerone.com/stopthehacker/reports/new) -- [Subledger](https://cobalt.io/subledger/reports/new) -- [Subrosa](https://cobalt.io/subrosa/reports/new) -- [Sucuri](https://hackerone.com/sucuri/reports/new) +- [StopTheHacker](https://hackerone.com/stopthehacker) +- [Subledger](https://cobalt.io/subledger) +- [Subrosa](https://cobalt.io/subrosa) +- [Sucuri](https://hackerone.com/sucuri) - [Symantec](mailto:secure@symantec.com) - [Tagged](https://bugcrowd.com/tagged/report) -- [Taptalk](https://hackerone.com/taptalk/reports/new) +- [Taptalk](https://hackerone.com/taptalk) - [Tarsnap](mailto:cperciva@tarsnap.com) - [TeamUnify](mailto:security@teamunify.com) - [Tele2](mailto:beveiligingsmeldpunt@tele2.com) - [Telekom](mailto:cert@telekom.de?subject=bug_bounty) -- [The Internet](https://hackerone.com/internet/reports/new) -- [The Mastercoin Foundation](https://cobalt.io/the-mastercoin-foundation/reports/new) -- [ThisData](https://hackerone.com/thisdata/reports/new) -- [TimeTrex](https://cobalt.io/timetrex/reports/new) -- [ToyTalk](https://hackerone.com/toytalk/reports/new) -- [Trello](https://hackerone.com/trello/reports/new) +- [The Internet](https://hackerone.com/internet) +- [The Mastercoin Foundation](https://cobalt.io/the-mastercoin-foundation) +- [ThisData](https://hackerone.com/thisdata) +- [TimeTrex](https://cobalt.io/timetrex) +- [ToyTalk](https://hackerone.com/toytalk) +- [Trello](https://hackerone.com/trello) - [Tuenti](http://corporate.tuenti.com/en/contact/security) - [Twilio](https://bugcrowd.com/twilio/report) - [Twitch](mailto:security@twitch.tv) -- [Twitter](https://hackerone.com/twitter/reports/new) +- [Twitter](https://hackerone.com/twitter) - [Uber](mailto:security-abuse@uber.com) -- [Ubiquiti Networks](https://hackerone.com/ubnt/reports/new) +- [Ubiquiti Networks](https://hackerone.com/ubnt) - [Unitag](mailto:security@unitag.io) -- [Urban Dictionary](https://hackerone.com/urbandictionary/reports/new) -- [Uzbey](https://hackerone.com/uzbey/reports/new) +- [Urban Dictionary](https://hackerone.com/urbandictionary) +- [Uzbey](https://hackerone.com/uzbey) - [Valve Software](mailto:security@valvesoftware.com) - [VCE](mailto:security-alerts@vce.com) - [Venmo](mailto:security@venmo.com) -- [Version Cake](https://hackerone.com/versioncake/reports/new) +- [Version Cake](https://hackerone.com/versioncake) - [Viadeo](mailto:security@viadeo.com) -- [Vimeo](https://hackerone.com/vimeo/reports/new) -- [VK.com](https://hackerone.com/vkcom/reports/new) +- [Vimeo](https://hackerone.com/vimeo) +- [VK.com](https://hackerone.com/vkcom) - [Volusion](https://bugcrowd.com/volusion/report) -- [VPNSox](https://cobalt.io/vpnsox/reports/new) -- [vulners.com](https://hackerone.com/vulnerscom/reports/new) +- [VPNSox](https://cobalt.io/vpnsox) +- [vulners.com](https://hackerone.com/vulnerscom) - [Webconverger](mailto:security@webconverger.com) - [Websecurify](http://campaigns.websecurify.com/money-for-bugs/#contact) -- [Weebly](https://cobalt.io/weebly/reports/new) -- [WePay](https://hackerone.com/wepay/reports/new) -- [Whisper](https://hackerone.com/whisper/reports/new) +- [Weebly](https://cobalt.io/weebly) +- [WePay](https://hackerone.com/wepay) +- [Whisper](https://hackerone.com/whisper) - [WHMCS](https://bugcrowd.com/whmcs/report) - [Windthorst ISD](http://www.windthorstisd.net/BugReport.cfm) -- [withinsecurity](https://hackerone.com/withinsecurity/reports/new) +- [withinsecurity](https://hackerone.com/withinsecurity) - [WizeHive](mailto:security@wizehive.com) -- [WordPoints](https://hackerone.com/wordpoints/reports/new) -- [Wordware](https://cobalt.io/wordware/reports/new) -- [WP API](https://hackerone.com/wp-api/reports/new) +- [WordPoints](https://hackerone.com/wordpoints) +- [Wordware](https://cobalt.io/wordware) +- [WP API](https://hackerone.com/wp-api) - [Xen Project](mailto:security@xenproject.org) - [Xmarks](mailto:security@lastpass.com) -- [Yahoo](https://hackerone.com/yahoo/reports/new) +- [Yahoo](https://hackerone.com/yahoo) - [Yandex](https://yandex.com/bugbounty/report) - [Yanomo](mailto:support@yanomo.com) - [Yesware](mailto:security@yesware.com) - [Zapier](mailto:security@zapier.com) -- [Zaption](https://hackerone.com/zaption/reports/new) +- [Zaption](https://hackerone.com/zaption) - [ZenCash](mailto:security@zencash.com) -- [Zendesk](https://hackerone.com/zendesk/reports/new) +- [Zendesk](https://hackerone.com/zendesk) - [Zetetic](mailto:support@zetetic.net) - [Ziggo](mailto:security@ziggo.nl) - [Zimbra](mailto:security@zimbra.com) -- [Zomato](https://hackerone.com/zomato/reports/new) -- [Zopim](https://hackerone.com/zopim/reports/new) +- [Zomato](https://hackerone.com/zomato) +- [Zopim](https://hackerone.com/zopim) - [Zynga](mailto:whitehat@zynga.com)