Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

hack_the_box

HackerOneView on HackerOne

RawAI Enhanced

In Scope

Out of Scope

In-Scope Assets (9)

Asset	Category	Bounty	Quick Links
api.jobs.hackthebox.com	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://academy.hackthebox.com/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://account.hackthebox.com	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://app.hackthebox.com/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://ctf.hackthebox.com	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://enterprise.hackthebox.com	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://jobs.hackthebox.com/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://status.hackthebox.com/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
labs.hackthebox.com	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal