Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

usac-vdp-pro

BugcrowdView on Bugcrowd

RawAI Enhanced

In Scope

Out of Scope

In-Scope Assets (14)

Asset	Category	Bounty	Quick Links
https://forms.universalservice.org/portal/login	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://getinternet.gov/apply?id=nv_home&ln=RW5nbGlzaA%3D%3D	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://usac.okta.com	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://usac.okta.com/api/v1/groups	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://usac.okta.com/api/v1/groups/{{groupId}}	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://usac.okta.com/api/v1/groups/{{groupId}}/users/{{userId}}	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://usac.okta.com/api/v1/sessions/{{sessionId}}	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://usac.okta.com/api/v1/users/{{userId}}	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://usac.okta.com/api/v1/users/{{userId}}/lifecycle/activate?sendEmail=false	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://usac.okta.com/api/v1/users/{{userId}}/lifecycle/deactivate	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://usac.okta.com/api/v1/users/{{userId}}/lifecycle/expire_password?tempPassword=true	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://usac.okta.com/api/v1/users/{{userId}}/lifecycle/reset_password?sendEmail=false	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://usac.okta.com/api/v1/users/{{userId}}/lifecycle/unlock	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://www.usac.org/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa

Scope Changes (70)

Mar 5, 2026

Change	Asset	Category	Scope	Time
Added	https://usac.okta.com/api/v1/groups/%7B%7BgroupId%7D%7D/users/%7B%7BuserId%7D%7D	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/groups/%7B%7BgroupId%7D%7D	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/sessions/%7B%7BsessionId%7D%7D	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/expire_password?tempPassword=true	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/deactivate	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/activate?sendEmail=false	URL	In Scope	22:37
Added	https://usac.okta.com	URL	In Scope	22:37
Added	https://getinternet.gov/apply?id=nv_home&ln=RW5nbGlzaA%3D%3D	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/groups	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/reset_password?sendEmail=false	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/unlock	URL	In Scope	22:37
Added	https://forms.universalservice.org/portal/login	URL	In Scope	22:37
Added	https://www.usac.org/	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/groups/%7B%7BgroupId%7D%7D/users/%7B%7BuserId%7D%7D	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/groups/%7B%7BgroupId%7D%7D	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/groups	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/sessions/%7B%7BsessionId%7D%7D	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/reset_password?sendEmail=false	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/expire_password?tempPassword=true	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/unlock	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/deactivate	URL	In Scope	22:37
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/activate?sendEmail=false	URL	In Scope	22:37
Added	https://usac.okta.com	URL	In Scope	22:37
Added	https://forms.universalservice.org/portal/login	URL	In Scope	22:37
Added	https://www.usac.org/	URL	In Scope	22:37
Added	https://getinternet.gov/apply?id=nv_home&ln=RW5nbGlzaA%3D%3D	URL	In Scope	22:37

Feb 25, 2026

Change	Asset	Category	Scope	Time
Added	https://usac.okta.com/api/v1/groups/%7B%7BgroupId%7D%7D/users/%7B%7BuserId%7D%7D	URL	In Scope	19:19
Added	https://usac.okta.com/api/v1/groups	URL	In Scope	19:19
Added	https://usac.okta.com/api/v1/sessions/%7B%7BsessionId%7D%7D	URL	In Scope	19:19
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D	URL	In Scope	19:19
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/expire_password?tempPassword=true	URL	In Scope	19:19
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/unlock	URL	In Scope	19:19
Added	https://forms.universalservice.org/portal/login	URL	In Scope	19:19
Added	https://www.usac.org/	URL	In Scope	19:19
Added	https://usac.okta.com/api/v1/groups/%7B%7BgroupId%7D%7D	URL	In Scope	19:19
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/reset_password?sendEmail=false	URL	In Scope	19:19
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/deactivate	URL	In Scope	19:19
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/activate?sendEmail=false	URL	In Scope	19:19
Added	https://usac.okta.com	URL	In Scope	19:19
Added	https://getinternet.gov/apply?id=nv_home&ln=RW5nbGlzaA%3D%3D	URL	In Scope	19:19
Added	https://usac.okta.com/api/v1/groups/%7B%7BgroupId%7D%7D/users/%7B%7BuserId%7D%7D	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/groups/%7B%7BgroupId%7D%7D	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/groups	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/sessions/%7B%7BsessionId%7D%7D	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/reset_password?sendEmail=false	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/expire_password?tempPassword=true	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/unlock	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/deactivate	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/activate?sendEmail=false	URL	In Scope	17:18
Added	https://usac.okta.com	URL	In Scope	17:18
Added	https://forms.universalservice.org/portal/login	URL	In Scope	17:18
Added	https://www.usac.org/	URL	In Scope	17:18
Added	https://getinternet.gov/apply?id=nv_home&ln=RW5nbGlzaA%3D%3D	URL	In Scope	17:18
Added	https://www.usac.org/	URL	In Scope	17:18
Added	https://getinternet.gov/apply?id=nv_home&ln=RW5nbGlzaA%3D%3D	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/groups/%7B%7BgroupId%7D%7D/users/%7B%7BuserId%7D%7D	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/groups/%7B%7BgroupId%7D%7D	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/reset_password?sendEmail=false	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/unlock	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/deactivate	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/activate?sendEmail=false	URL	In Scope	17:18
Added	https://forms.universalservice.org/portal/login	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/groups	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/sessions/%7B%7BsessionId%7D%7D	URL	In Scope	17:18
Added	https://usac.okta.com/api/v1/users/%7B%7BuserId%7D%7D/lifecycle/expire_password?tempPassword=true	URL	In Scope	17:18
Added	https://usac.okta.com	URL	In Scope	17:18