/diodb

Open-source vulnerability disclosure and bug bounty program database

Primary LanguagePythonCreative Commons Zero v1.0 UniversalCC0-1.0

The disclose.io Database (diodb)

A true, community-powered, vendor agnostic directory of all known VDP and BBPs, contact details, policy location, preferred languages, and the status of:

  • Safeharbor
  • Availability rewards, hall of fame, swag
  • Disclosure policy

Disclose.io Vulnerability, VDP, and Bug Bounty Program Database

Quick links

Purpose Link
Search through the database front-end https://disclose.io/programs
Download the raw database in .json format https://github.com/disclose/diodb/raw/master/program-list.json
Generate your own Vulnerability Disclosure Program https://policymaker.disclose.io/
Join disclose.io Community Forum https://community.disclose.io
Learn more about Vulnerability Disclosure Programs (VDP) https://github.com/disclose/dioterms

Why does diodb exist?

diodb exists to drive the adoption of Safe Harbor for hackers and promote the cybersecurity posture of early adopters, simplify the process of finding the right contacts and channel at an organization, and help both finders and vendors align around the expectations of engagement. It also provides a simple, vendor-agnostic point of engagement for program operators, potential program operators, and the security community to maintain updates to their program.

How to Contribute

Contributions are very welcome! You may add a new program or update an existing one by either opening an issue or a pull request.

Open an Issue

or

Follow the contribution guidelines to prepare and open a Pull Request

License

Creative Commons License
disclose by disclose.io is licensed under a Creative Commons Attribution 4.0 International License.