The Disclose.io Project Directory - All active and proposed disclose.io projects and services.
- Policymaker - Template-based generator for VDP policy, safe harbor clauses, security.txt, and DNS Security TXT.
- Note: Policymaker is currently in Beta. We're actively soliciting feedback via The Disclose.io Community.
- dioterms - Open-source vulnerability disclosure policy templates.
- Disclose.io Database - Open-source vulnerability disclosure and bug bounty program database.
- dioseal - The Disclose.io Status best practice seal.
- The Disclose.io Community - Crowdsourcing the never-ending task of connecting security researchers and vulnerability finders with security teams.
- dnssecuritytxt - A standard allowing organizations to nominate security contact points and policies via DNS TXT records.
- Note: DNS Security TXT is currently in draft. We're actively soliciting feedback via Github Issues.
- Research Threats - Collection of legal threats against good faith Security Researchers; vulnerability disclosure gone wrong. A continuation of work started by @attritionorg
- Bug Bounty and VDP Platforms - A community-powered collection of all known bug bounty platforms, vulnerability disclosure platforms, and crowdsourced security platforms currently active on the Internet.
- diodata - Tools, data, and contact lists relevant to The disclose.io Project.
- diosts - A Go scraper that validates security.txt files and outputs them in the disclose.io JSON format.
- data.disclose.io - Internet-wide survey of vulnerability disclosure and bug bounty program adoption.
We're always up for new ideas to take hacker/vendor relationships forward, and we're always looking for maintainers and contributors. Open a PR with a name and one-liner description of your new idea, or drop us a line at hello@disclose.io.