Giters

cablej / hack-your-government

A list of governments with Vulnerability Disclosure Policies

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Can you hack your government?

Vulnerability disclosure policies and bug bounty programs are becoming standard across industry and government. Beginning with the U.S. Department of Defense, several government agencies worldwide have implemented vulnerability disclosure programs.

This is a list of government agencies that have bug bounty programs or vulnerability disclosure policies. Please submit a pull request if any government agencies are missing from this list.

Note: This list is not an invitation to hack any of the listed organizations. Ensure that you comply with all listed terms of an organization's vulnerability disclosure policy.

Organization Type Rewards Link Notes
U.S. Department of Defense VDP None https://hackerone.com/deptofdefense Safe Harbor
U.S. Department of Defense Bug Bounty Varies Private, time-limited challenges
GSA Technology Transformation Services Bug Bounty $150-$5,000 https://hackerone.com/gsa_bbp Safe Harbor
Iowa Secretary of State VDP N/A https://sos.iowa.gov/pdf/IOWA_SOS_VDP_Policy.pdf Safe Harbor
Ohio Secretary of State VDP N/A https://www.ohiosos.gov/vulnerability-disclosure-policy/ Safe Harbor
State of Delaware VDP https://delaware.gov/help/responsible-disclosure.shtml Partial Safe Harbor
Washington D.C. VDP N/A https://octo.dc.gov/sites/default/files/dc/sites/octo/publication/attachments/Responsible%20Disclosure%20Policy%20.pdf
Minnesota Secretary of State VDP N/A https://sos.mn.gov/about-the-office/about-the-office/vulnerability-disclosure-program/
Idaho Secretary of State VDP N/A https://sos.idaho.gov/vulnerability-disclosure-policy/
South Carolina Election Commission VDP N/A https://scvotes.gov/resources/vulnerability-disclosure-program/
State of New Jersey VDP N/A https://www.cyber.nj.gov/report/vulnerability-disclosure/vulnerability-disclosure-policy
City of Los Angeles VDP N/A https://hackerone.com/city_of_los_angeles_vdp
Netherlands NCSC VDP Up to €300 https://www.ncsc.nl/security
Netherlands Central Government VDP N/A https://www.government.nl/topics/cybercrime/fighting-cybercrime-in-the-netherlands/responsible-disclosure
Government of Jersey VDP N/A https://www.gov.je/Pages/DisclosurePolicy.aspx
United Kingdom NCSC VDP None https://hackerone.com/ncsc_uk
Administrative Conference of the United States VDP N/A https://www.acus.gov/vulnerability-disclosure-policy
African Development Foundation VDP N/A https://www.usadf.gov/vulnerability-disclosure-policy
American Battle Monuments Commission VDP N/A https://www.abmc.gov/vulnerability-disclosure-policy
Armed Forces Retirement Home VDP N/A https://www.afrh.gov/vulnerability-disclosure-policy
Barry Goldwater Scholarship and Excellence in Education Foundation VDP N/A https://goldwaterscholarship.gov/vulnerability-disclosure-policy/
Board of Governors of the Federal Reserve VDP N/A https://www.federalreserve.gov/vulnerability-disclosure-policy
Chemical Safety Board VDP N/A https://www.csb.gov/vulnerability-disclosure-policy/
Commission of Fine Arts VDP N/A https://www.cfa.gov/vulnerability-disclosure-policy
Commodity Futures Trading Commission VDP N/A https://www.cftc.gov/vulnerability-disclosure-policy
Consumer Financial Protection Bureau VDP N/A https://www.cfpb.gov/vulnerability-disclosure-policy
Consumer Product Safety Commission VDP N/A https://www.cpsc.gov/vulnerability-disclosure-policy
Corporation for National and Community Service VDP N/A https://americorps.gov/about/agency-overview/vulnerability-disclosure-policy
Council of the Inspectors General on Integrity and Efficiency VDP N/A https://www.ignet.gov/vulnerability-disclosure-policy
Court Services and Offender Supervision Agency VDP N/A https://www.csosa.gov/vulnerability-disclosure-policy
Defense Nuclear Facilities Safety Board VDP N/A https://www.dnfsb.gov/vulnerability-disclosure-policy
Denali Commission VDP N/A https://www.denali.gov/vulnerability-disclosure-policy
Department of Commerce VDP N/A https://www.doc.gov/vulnerability-disclosure-policy
Department of Education VDP N/A https://www.ed.gov/vulnerability-disclosure-policy
Department of Energy VDP N/A https://doe.responsibledisclosure.com/hc/en-us
Department of Health and Human Services VDP N/A https://www.hhs.gov/vulnerability-disclosure-policy
Department of Homeland Security VDP N/A https://www.dhs.gov/vulnerability-disclosure-policy
Department of Housing and Urban Development VDP N/A https://www.hud.gov/vulnerability-disclosure-policy
Department of Justice VDP N/A https://www.justice.gov/vulnerability-disclosure-policy
Department of Labor VDP N/A https://www.dol.gov/vulnerability-disclosure-policy
Department of State VDP N/A https://www.state.gov/vulnerability-disclosure-policy/
Department of the Interior VDP N/A https://www.doi.gov/vulnerability-disclosure-policy
Department of the Treasury VDP N/A https://www.treasury.gov/vulnerability-disclosure-policy
Department of Transportation VDP N/A https://www.dot.gov/vulnerability-disclosure-policy
Department of Veterans Affairs VDP N/A https://www.va.gov/vulnerability-disclosure-policy
Election Assistance Commission VDP N/A https://www.eac.gov/vulnerability-disclosure-policy
Environmental Protection Agency VDP N/A https://www.epa.gov/vulnerability-disclosure-policy
Equal Employment Opportunity Commission VDP N/A https://www.eeoc.gov/vulnerability-disclosure-policy
Export-Import Bank of the United States VDP N/A https://www.exim.gov/vulnerability-disclosure-policy
Farm Credit Administration VDP N/A https://www.fca.gov/vulnerability-disclosure-policy
Farm Credit System Insurance Corporation VDP N/A https://www.fcsic.gov/vulnerability-disclosure-policy
Federal Communications Commission VDP N/A https://www.fcc.gov/vulnerability-disclosure-policy
Federal Deposit Insurance Corporation VDP N/A https://www.fdic.gov/policies/vulnerability/
Federal Energy Regulatory Commission VDP N/A https://www.ferc.gov/vulnerability-disclosure-policy
Federal Housing Finance Agency VDP N/A https://www.fhfa.gov/vulnerability-disclosure-policy
Federal Labor Relations Authority VDP N/A https://www.flra.gov/vulnerability-disclosure-policy
Federal Maritime Commission VDP N/A https://www.fmc.gov/vulnerability-disclosure-policy/
Federal Mediation and Conciliation Service VDP N/A https://www.fmcs.gov/vulnerability-disclosure-policy
Federal Mine Safety and Health Review Commission VDP N/A https://www.fmshrc.gov/vulnerability-disclosure-policy
Federal Retirement Thrift Investment Board VDP N/A https://www.frtib.gov/vulnerability-disclosure-policy
Federal Trade Commission VDP N/A https://www.ftc.gov/vulnerability-disclosure-policy
General Services Administration VDP N/A https://www.gsa.gov/vulnerability-disclosure-policy
Harry S Truman Scholarship Foundation VDP N/A https://www.truman.gov/vulnerability-disclosure-policy
Institute of Museum and Library Services VDP N/A https://www.imls.gov/vulnerability-disclosure-policy
Inter-American Foundation VDP N/A https://www.iaf.gov/vulnerability-disclosure-policy/
James Madison Memorial Fellowship Foundation VDP N/A https://www.jamesmadison.gov/vulnerability-disclosure-policy
Japan-United States Friendship Commission VDP N/A https://www.jusfc.gov/vulnerability-disclosure-policy
Marine Mammal Commission VDP N/A https://www.mmc.gov/vulnerability-disclosure-policy/
Merit Systems Protection Board VDP N/A https://www.mspb.gov/vulnerability-disclosure-policy/
Millennium Challenge Corporation VDP N/A https://www.mcc.gov/vulnerability-disclosure-policy
Morris K. Udall and Stewart L. Udall Foundation VDP N/A https://www.udall.gov/vulnerability-disclosure-policy
National Aeronautics and Space Administration VDP N/A https://www.nasa.gov/vulnerability-disclosure-policy
National Archives and Records Administration VDP N/A https://www.nara.gov/vulnerability-disclosure-policy
National Capital Planning Commission VDP N/A https://www.ncpc.gov/vulnerability-disclosure-policy
National Council on Disability VDP N/A https://www.ncd.gov/vulnerability-disclosure-policy
National Credit Union Administration VDP N/A https://www.ncua.gov/vulnerability-disclosure-policy
National Endowment for the Arts VDP N/A https://www.arts.gov/vulnerability-disclosure-policy
National Endowment for the Humanities VDP N/A https://www.neh.gov/vulnerability-disclosure-policy
National Labor Relations Board VDP N/A https://www.nlrb.gov/vulnerability-disclosure-policy
National Mediation Board VDP N/A https://nmb.gov/NMB_Application/index.php/vdp/
National Science Foundation VDP N/A https://www.nsf.gov/vulnerability-disclosure-policy
National Transportation Safety Board VDP N/A https://www.ntsb.gov/Pages/vulnerability-disclosure-policy.aspx
Nuclear Regulatory Commission VDP N/A https://www.nrc.gov/vulnerability-disclosure-policy
Nuclear Waste Technical Review Board VDP N/A https://www.nwtrb.gov/vulnerability-disclosure-policy
Occupational Safety and Health Review Commission VDP N/A https://www.oshrc.gov/vulnerability-disclosure-policy
Office of the Comptroller of the Currency VDP N/A https://www.occ.gov/about/policies/vulnerability-disclosure-policy.html
Office of Government Ethics VDP N/A https://www.oge.gov/vulnerability-disclosure-policy
Office of Navajo and Hopi Indian Relocation VDP N/A https://www.onhir.gov/vulnerability-disclosure-policy
Office of Personnel Management VDP N/A https://www.opm.gov/vulnerability-disclosure-policy
Office of Special Counsel VDP N/A https://osc.gov/vulnerability-disclosure-policy
Peace Corps VDP N/A https://www.peacecorps.gov/vulnerability-disclosure-policy/
Pension Benefit Guaranty Corporation VDP N/A https://www.pbgc.gov/vulnerability-disclosure-policy
Postal Regulatory Commission VDP N/A https://www.prc.gov/vulnerability-disclosure-policy
Presidio Trust VDP N/A https://www.presidio.gov/presidio-trust/about/vulnerability-disclosure-policy
Privacy and Civil Liberties Oversight Board VDP N/A https://www.pclob.gov/vulnerability-disclosure-policy
Railroad Retirement Board VDP N/A https://www.rrb.gov/vulnerability-disclosure-policy
Securities and Exchange Commission VDP N/A https://www.sec.gov/vulnerability-disclosure-policy
Selective Service System VDP N/A https://www.sss.gov/vulnerability-disclosure-policy
Small Business Administration VDP N/A https://www.sba.gov/vulnerability-disclosure-policy
Social Security Administration VDP N/A https://www.ssa.gov/vulnerability-disclosure-policy
Social Security Advisory Board VDP N/A https://www.ssab.gov/vulnerability-disclosure-policy
Surface Transportation Board VDP N/A https://prod.stb.gov/vulnerability-disclosure-policy
Tennessee Valley Authority VDP N/A https://www.tva.com/vulnerability-disclosure-policy
U.S. Section of International Boundary and Water Commission VDP N/A https://www.state.gov/vulnerability-disclosure-policy/
United States AbilityOne Commission VDP N/A https://www.abilityone.gov/laws,_regulations_and_policy/documents/
United States Access Board VDP N/A https://www.access-board.gov/vulnerability-disclosure-policy
United States Agency for Global Media VDP N/A https://www.usagm.gov/vulnerability-disclosure-policy/
United States Agency for International Development VDP N/A https://www.usaid.gov/vulnerability-disclosure-policy
United States Commission on Civil Rights VDP N/A https://www.usccr.gov/vulnerability-disclosure-policy
United States Department of Agriculture VDP N/A https://www.usda.gov/vulnerability-disclosure-policy
United States Interagency Council on Homelessness VDP N/A https://www.usich.gov/vulnerability-disclosure-policy
United States International Development Finance Corporation VDP N/A https://www.dfc.gov/vulnerability-disclosure-policy
United States International Trade Commission VDP N/A https://www.usitc.gov/vulnerability-disclosure-policy
United States Trade and Development Agency VDP N/A https://www.ustda.gov/vulnerability-disclosure-policy
United States Courts VDP N/A https://www.uscourts.gov/privacy-security-policy/vulnerability-disclosure-policy

About

A list of governments with Vulnerability Disclosure Policies