Finding Other Programs

Many companies have bug bounty programs. If there's a particular site or app you're interested in testing, finding out whether it's covered by a bug bounty is as easy as a couple of searches. Queries that take advantage of Google's expressive search syntax, such as inurl:/security/, intext:bug bounty, and intext:reward, are all great building blocks you can use to discover new programs. You can even combine them to drill down into bounty programs that are specific to a certain application – a query such as intext:"Bug Bounty" AND intext:"vulnerability" AND intext:"reward" AND inurl:"/wp-content/" can be used to return program pages for WordPress sites (credit to Sachin Wagh (@tiger_tigerboy) for the dorks).

You can even set up a Google alert using these search terms and others, to give you a simple, automated way of discovering new programs to participate in.

For something a little less ad hoc: in addition to the great teaching resources it provides, Bugcrowd curates a list, populated by its members, of the bug bounty programs that are available. For each program, the list notes whether it provides financial compensation or company swag, its age, and whether or not it features a "Hall of Fame" for successful researchers. You can find the table at https://www.bugcrowd.com/bug-bounty-list/.

Firebounty, mentioned earlier as a product of YesWeH4ck, is a hybrid that shows bounty programs from other platforms as well as its own unique offerings. As a product of the French security scene, it has an interesting mix of both transatlantic and European websites, mobile apps, and APIs.