Vulnerability Disclosure Program (VDP)
VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.
ifood-og
20
In Scope
7
Out of Scope
In-Scope Assets (20)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| https://*.movilepay.com | URL | No | ||
| https://*.movilepay.com.br | URL | No | ||
| https://api.fstr.rocks | URL | No | ||
| https://apps.apple.com/br/app/ifood-pedir-comida-e-mercado/id483017239 | IOS | No | - | |
| https://contadigital.ifoodpago.com.br/ | URL | No | ||
| https://dash.zoop.com.br/ | URL | No | ||
| https://developer.ifood.com.br | URL | No | ||
| https://gestordepedidos.ifood.com.br | URL | No | ||
| https://marketplace.ifood.com.br | URL | No | ||
| https://play.google.com/store/apps/details?id=br.com.brainweb.ifood&hl=pt_BR | ANDROID | No | ||
| https://play.google.com/store/apps/details?id=br.com.movilepay.banking.application&hl=pt_BR | URL | No | ||
| https://portal.iFoodpago.com.br | URL | No | ||
| https://rc.fstr.rocks | URL | No | ||
| https://shop.ifood.com.br | URL | No | ||
| https://static-images.ifood.com.br | URL | No | ||
| https://wsloja.ifood.com.br | URL | No | ||
| https://www.ifood.com.br | URL | No | ||
| https://www.minhaconta.zoop.com.br | URL | No | ||
| https://www.zoop.com.br | URL | No | ||
| https://www.zoop.ws | URL | No |
Out-of-Scope Assets (7)
| Asset | Category | Bounty | |
|---|---|---|---|
| *.allin.movilepay.com | URL | No | |
| *.ecomanda.app | URL | No | |
| *.ecomanda.com.br | URL | No | |
| *.starsoft.movilepay.com | URL | No | |
| Gestor de Pedidos - Desktop Client | OTHER | No | |
| blog-empresas.ifood.com.br | URL | No | |
| blog-parceiros.ifood.com.br | URL | No |