Open-source vulnerability disclosure and bug bounty program database

Tools, data, and contact lists relevant to The disclose.io Project.

Misc bounty and vulndisc things

The First Open Source Bug Bounty Platform

Open-source vulnerability disclosure policy templates.

Mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations

Vulnerability analysis and proof of concepts

A standard allowing organizations to nominate security contact points and policies via DNS TXT records.

A free, open-source, multi-lingual, template-based VDP policy, safe harbor clause, securitytxt, and DNS Security TXT generator.

Vultron is a protocol for Coordinated Vulnerability Disclosure

A collection of templates for generating vulnerability disclosure policies. (NOTE: As of 2024, these templates are now part of the CERT Guide to Coordinated Vulnerability Disclosure, see link in README.)

Content for the CERT Guide to Coordinated Vulnerability Disclosure

Exploit and report for CVE-2023-23396.

The Disclose.io Status best practice seal.

🍵 Convention for security commit messages

A curated list of Public Bug Bounty, Responsible Disclosure, Vulnerability Disclosure Programs sourced from Community & Internet.