Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

skyscanner

BugcrowdView on Bugcrowd

RawAI Enhanced

In Scope

Out of Scope

In-Scope Assets (8)

Asset	Category	Bounty	Quick Links
*.skyscanner.net	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
AWS Infrastructure	OTHER	No	-
Skyscanner Android App	ANDROID	No	-
Skyscanner iOS App	IOS	No	-
gateway.skyscanner.net/*	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
partnerportal.skyscanner.net/*	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
skyscanner.net/*	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
skyscanner.net/hotels/book/*	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal

Out-of-Scope Assets (1)

Asset	Category	Bounty
Corporate Email (*@skyscanner.net)	OTHER	No