Open-source vulnerability disclosure and bug bounty program database

Tools, data, and contact lists relevant to The disclose.io Project.

Misc bounty and vulndisc things

The First Open Source Bug Bounty Platform

Mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations

A free, open-source, multi-lingual, template-based VDP policy, safe harbor clause, securitytxt, and DNS Security TXT generator.

Open-source vulnerability disclosure policy templates.

A standard allowing organizations to nominate security contact points and policies via DNS TXT records.

The Disclose.io Status best practice seal.

Vulnerability analysis and proof of concepts

Content for the CERT Guide to Coordinated Vulnerability Disclosure

A collection of templates for generating vulnerability disclosure policies. (NOTE: As of 2024, these templates are now part of the CERT Guide to Coordinated Vulnerability Disclosure, see link in README.)

Vultron is a protocol for Coordinated Vulnerability Disclosure

🍵 Convention for security commit messages

Exploit and report for CVE-2023-23396.

A curated list of Public Bug Bounty, Responsible Disclosure, Vulnerability Disclosure Programs sourced from Community & Internet.