├── README.md
└── dorks.txt


/README.md:
--------------------------------------------------------------------------------
 1 | # Bug Bounty Dorks
 2 | List of Google Dorks to search for companies that have a responsible disclosure program or bug bounty program which are not affiliated with known bug bounty platforms such as HackerOne or Bugcrowd.
 3 | 
 4 | Pull requests are welcome! 
 5 | 
 6 | ### Credits
 7 | 
 8 | - [Nightwatch Cybersecurity](https://wwws.nightwatchcybersecurity.com/2019/05/04/finding-unlisted-public-bounty-programs-with-google-dorks/)
 9 | 
10 | - [Emad Shanab](https://twitter.com/alra3ees/status/1147728448170942464)
11 | 
12 | - [Kunal Pandey](https://twitter.com/kunalp94/status/1180193592846868480)
13 | 
14 | - [A:\fie](https://twitter.com/emenalf/status/1099180292068294658)
15 | 
16 | - [Aishwarya Kendle](https://medium.com/@aishwaryakendle/how-we-hijacked-26-subdomains-9c05c94c7049)
17 | 
18 | - [zseano](https://twitter.com/zseano/status/1261292736478687232)
19 | 
20 | - [nil0x42](https://twitter.com/nil0x42/status/1394220395255922689)
21 | 
22 | ### Contributors
23 | - [The Mysterious Cyber Warriors](https://github.com/gauravdrago)
24 | 
25 | - [Mohammed Adam](https://github.com/AmdAdam)
26 | 
27 | - [Anishka Shukla](https://github.com/anishkashukla)
28 | 
29 | - [ghostbit11](https://github.com/ghostbit11)
30 | 


--------------------------------------------------------------------------------
/dorks.txt:
--------------------------------------------------------------------------------
 1 | inurl /bug bounty
 2 | inurl : / security
 3 | inurl:security.txt
 4 | inurl:security "reward"
 5 | inurl : /responsible disclosure
 6 | inurl : /responsible-disclosure/ reward
 7 | inurl : / responsible-disclosure/ swag
 8 | inurl : / responsible-disclosure/ bounty
 9 | inurl:'/responsible disclosure' hoodie
10 | responsible disclosure swag r=h:com
11 | responsible disclosure hall of fame
12 | inurl:responsible disclosure $50
13 | responsible disclosure europe
14 | responsible disclosure white hat
15 | white hat program
16 | insite:"responsible disclosure" -inurl:nl
17 | intext responsible disclosure
18 | site eu responsible disclosure
19 | site .nl responsible disclosure
20 | site responsible disclosure
21 | responsible disclosure:sites
22 | responsible disclosure r=h:nl
23 | responsible disclosure r=h:uk
24 | responsible disclosure r=h:eu
25 | responsible disclosure bounty r=h:nl
26 | responsible disclosure bounty r=h:uk
27 | responsible disclosure bounty r=h:eu
28 | responsible disclosure swag r=h:nl
29 | responsible disclosure swag r=h:uk
30 | responsible disclosure swag r=h:eu
31 | responsible disclosure reward r=h:nl
32 | responsible disclosure reward r=h:uk
33 | responsible disclosure reward r=h:eu
34 | "powered by bugcrowd" -site:bugcrowd.com
35 | "submit vulnerability report"
36 | "submit vulnerability report" | "powered by bugcrowd" | "powered by hackerone"
37 | site:*.gov.* "responsible disclosure"
38 | intext:"we take security very seriously"
39 | site:responsibledisclosure.com
40 | inurl:'vulnerability-disclosure-policy' reward
41 | intext:Vulnerability Disclosure site:nl
42 | intext:Vulnerability Disclosure site:eu
43 | site:*.*.nl intext:security report reward
44 | site:*.*.nl intext:responsible disclosure reward
45 | "security vulnerability" "report"
46 | inurl"security report"
47 | "responsible disclosure" university
48 | inurl:/responsible-disclosure/ university
49 | buy bitcoins "bug bounty"
50 | inurl:/security ext:txt "contact"
51 | "powered by synack"
52 | intext:responsible disclosure bounty
53 | inurl: private bugbountyprogram
54 | inurl:/.well-known/security ext:txt
55 | inurl:/.well-known/security ext:txt intext:hackerone
56 | inurl:/.well-known/security ext:txt -hackerone -bugcrowd -synack -openbugbounty
57 | inurl:reporting-security-issues
58 | inurl:security-policy.txt ext:txt
59 | site:*.*.* inurl:bug inurl:bounty
60 | site:help.*.* inurl:bounty
61 | site:support.*.* intext:security report reward
62 | intext:security report monetary inurl:security
63 | intext:security report reward inurl:report
64 | site:security.*.* inurl: bounty
65 | site:*.*.de inurl:bug inurl:bounty
66 | site:*.*.uk intext:security report reward
67 | site:*.*.cn intext:security report reward
68 | "vulnerability reporting policy"
69 | "van de melding met een minimum van een" -site:responsibledisclosure.nl
70 | inurl:responsible-disclosure-policy
71 | "If you believe you've found a security vulnerability"
72 | intext:"BugBounty" and intext:"BTC" and intext:"reward"
73 | intext:bounty inurl:/security
74 | inurl:"bug bounty" and intext:"€" and inurl:/security
75 | inurl:"bug bounty" and intext:"$" and inurl:/security
76 | inurl:"bug bounty" and intext:"INR" and inurl:/security
77 | inurl:/security.txt "mailto*" -github.com  -wikipedia.org -portswigger.net -magento
78 | /trust/report-a-vulnerability
79 | site:*.edu intext:security report vulnerability
80 | "cms" bug bounty
81 | "If you find a security issue"  "reward"
82 | "responsible disclosure" intext:"you may be eligible for monetary compensation"
83 | inurl: "responsible disclosure", "bug bounty", "bugbounty"
84 | intext: we offer a bounty
85 | responsible disclosure inurl:in
86 | site:*.br responsible disclosure
87 | site:*.at responsible disclosure
88 | site:*.be responsible disclosure
89 | site:*.au responsible disclosure
90 | site:*/security.txt "bounty"
91 | inurl:bug bounty intext:"rupees"
92 | inurl:bug bounty intext:"₹"
93 | inurl:responsible disclosure intext:"INR"
94 | 


--------------------------------------------------------------------------------