Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

digital-flanders-vulnerability-disclosure-program

YesWeHackView on YesWeHack

RawAI Enhanced

In Scope

Out of Scope

In-Scope Assets (6)

Asset	Category	Bounty	Quick Links
*.vlaanderen.be	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://beta.gastwebsite-acm.burgerprofiel.ext-vlaanderen.be	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://beta.gastwebsite.burgerprofiel.ext-vlaanderen.be	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://beta.widgets.burgerprofiel.dev-vlaanderen.be/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://burgerprofiel.beta-vlaanderen.be	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://vo-gebruikersbeheer.vlaanderen.be	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal

Out-of-Scope Assets (10)

Asset	Category	Bounty
- opibus.onderwijs.vlaanderen.be	OTHER	No
Newly onboarded systems may have a blackout window (up to six months).	OTHER	No
Third-party/vendor-operated services (DV cannot authorize testing on systems not owned or operated by us).	OTHER	No
bibis*.vlaanderen.be	OTHER	No
cdn.vlaanderen.be	OTHER	No
codex.opendata.api.vlaanderen.be	OTHER	No
ets*.omgeving.vlaanderen.be	OTHER	No
https://www.vlaanderen.be/aanmelden/help/mail.html (and ?*)	OTHER	No
https://www.vlaanderen.be/vlaamse-overheid/contact/stuur-een-e-mail	OTHER	No
natura2000.vlaanderen.be	OTHER	No