Welcome to Bug Bounty HQ

Bug Bounty HQ is now open for researcher and program registrations.

As to be expected upon initial launch, there currently exists no bug bounties.  It is expected over the course of the next few weeks bug bounties will be added.  A program does exist for Bug Bounty HQ, but currently this is a point's only program.  If circumstances change, all fixed submissions will be financially awarded accordingly.  We completely understand if you do not want to partake in this program at this time.  Another reason for this program is to allow you to see the entire application and familiarize yourself with the various options and settings

Bug Bounty HQ is offering the $1million Points Challenge

  • Open to the first 500 registered researchers

  • Achieve 3000 points within 365 days

  • The 365 day count begins upon the launch of the 3rd bug bounty program

  • All points accumulated for bug programs One and Two are valid for this challenge

  • $2000.00 reward


Within your user profile, you have the option to donate 1% of all your bug payments to a registered charity.  Bug Bounty HQ matches this 1%.  Being a community of researchers, charities will be nominated by the researchers and voted upon by the researchers. This vote will take place each quarter to determine the charity that is to be awarded the community donation.

Bug Bounty HQ wants all the researchers to succeed.  To help with this we have initially included some useful tools.  There are currently many more in development.

  • Briefcase - 1GB of online storage for your tools and notes.  This allows the researcher to access their work from any PC / Laptop to continue their security testing

  • OWASP Methodology Check List - Its easy to get lost in a big application and sometimes forget things.  If used correctly, OWASP's check list keeps you focused

  • Example Bug listings - You may have found a potential vulnerability and are having difficulties in trying to exploit it. These examples are a collection of vulnerabilities discovered by bug hunters showing real world examples and explotation.

  • BBHQ is the community web site for Bug Bounty HQ.  Here you can meet fellow bug hunters, share ideas and ask for help on issues (This does require user registration)


At Bug Bounty HQ we value any thoughts or suggestions that you may have to improve the platform.  Please feel free to submit them and we will endeavor to make these changes where ever it is possible.

We wish all the researchers great success in their security audits and for the program teams, if the researchers are successful so is your program, helping you to achieving a higher level of security assurance.