Secure millions of end users with your next vulnerability finding
Join a community of hand-picked ethical hackers who are passionate about securing modern technologies and making the Internet safer.
Transparent payment & rewards
We know that transparency is vital when it comes to paying and rewarding our ethical hackers. With Crowdsource, you are rewarded based on the number of companies that your submission helps. For every hit found, you'll get paid, meaning we'll reward your work continuously.
Connect with the community
Being part of the Crowdsource community means being surrounded by people with a common goal - to make the Internet a safer place. We'll work hard to give you the best possible experience, including knowledge-sharing opportunities, sending you great swag, and inviting you to exclusive events.
Crowdsource in numbers
Modules provided by Crowdsource researchers
Vulnerabilities found in Detectify customer assets
Top ranked ethical hackers in the Crowdsource community
Not your average bug bounty platform
We automate your vulnerability findings into our products
Crowdsource focuses on the automation of vulnerabilities rather than fixing bugs for specific clients. Once you find an accepted vulnerability in a widely used system such as a CMS, framework, or library, we'll automate it into our tool. All our customers will then benefit from the finding.
We remove the need for you to report your findings to companies manually
Crowdsource removes the need for you to report the same vulnerability to different companies. Simply report the vulnerability to us with a Proof of Concept, and we'll take care of the rest. This leaves you time to focus on what really matters - helping to make the Internet a safer place.
It's no fun without competition!
No community is complete without a bit of healthy competition. Points are rewarded for each hit a module generates, and the amount of points rewarded depends upon module severity. We even send out some cool swag to those in the top 3 spots!
Can you get to first place for the quarter, year, or even all-time?Check out our leaderboards
What's happening in the Crowdsource community?
Account hijacking using "dirty dancing" in sign-in OAuth-flows
How To Hack Web Applications in 2022: Part 1
Web applications can be exploited to gain unauthorized access to sensitive data and web servers. Threats include SQL Injection...