A globe with white hats

Detectify Crowdsource

Let's make the web safer

Detectify Crowdsource allows security researchers to submit newly discovered exploits and we incorporate them into Detectify's automated security service. Every time a reported issue is found on any of our customer's websites, the researcher is rewarded.

What is Crowdsource?

A community of researchers

Detectify Crowdsource is an invite only community of the world's top security researchers. Our hand picked researchers submit web vulnerabilities which we integrate into the Detectify platform. Our goal is to combine the power of crowdsourcing with the capacity of automation to ultimately make the internet a safer place.

How it actually works

A white hat

Let's break it down

Our process in four steps

  • Number 1

    You find a vulnerability* or common misconfiguration in a widely used system. Such as a CMS, framework, library etc.

  • Number 2

    You submit a proof-of-concept to us about the vulnerability which is then reviewed by us.

  • Number 3

    We automate the vulnerability and continuously test for it on all our customers.

  • Number 4

    You will see statistics on the number of hits of the vulnerability and will be rewarded for each unique hit it produces.

* it does not have to be a 0-day or originally found by you, everything we haven't already automated is interesting.

Considering submitting a 0-day? Please read our vulnerability disclosure guidelines before submitting it.

The innovation

A unique bug bounty experience

Detectify Crowdsource approaches bug bounties in an innovating way, focusing on platforms instead of specific clients.

This means that we are interested in commonly used CMSes, libraries, frameworks, web servers or common misconfigurations that affect a lot of customers.

As soon as you find one of these vulnerabilities, you report it to us and we build a module for it. Every time your vulnerability is detected, we will automatically report it to the customer without you having to write any reports or submit any additional information.

And the icing on the cake, you’ll be rewarded every time an issue is found.

We do not ask for exclusivity with either your participation or submissions.

A machine that automates bughunting

Hack the planet

Join the bright side

Detectify Crowdsource is an invite only program. We do, however, gladly accept requests to join. Just shoot us an email and we'll get back to you as soon as possible.

Get with the program

Crowdsource leaderboard


Kevin Morssink

score: 18066

Sergey Bobrov

score: 7504

Tarek Siddiki

score: 6048

Eric Head

score: 4248

Frans Rosén

score: 4016


score: 3296

Sasi Levi

score: 2048


score: 1792

The brains behind it

The Detectify service

Detectify is a SaaS based web application security scanner that analyzes the security level of your website and creates a report with the results.
It is designed to be easy to use even for those with little or no previous knowledge of web security.

Go hack yourself!

Screendump of detectify tool