Logo

Bug Bounty

As you know ZoneDB is a mirror/zone alert service. At this point, we believe that we should provide the security of our systems firstly to be able to secure our knowledge and continuity really!
We are paranoid about security. It is our top priority and we are working vigilantly to keep our knowledge and services information secure. We will review your reports carefully.

Program Terms

Please follow our program terms for the security research process. So, we will not sue you and we will allow you to test our services ethically.

  • Please don't attack to our services or websites. Don't test on real users and don't try to crash our services and platforms.
  • Denial of service attacks are not allowed. Please only check for software bugs. Give us some time to fix bugs and don't disclose the vulnerability and don't talk about it until we fix the problem.
  • We will only reward the first reporter of the bug. So, if you have discovered a bug, report us as soon as possible.

Scope

We don't have a program scope. We just want to see everything that you can do.

Feel free to report us Self XSS, information disclosure and all types of bugs! All bugs are important for us.

We have two reward types, Hall of Fame and swags. Currently, we are not able to give monetary rewards but we will add your names to our Hall of Fame list and we will send you some gifts if you are living in Turkey. (We will support other countries very soon.)

Please make your tests just on our website, we don't have another website or platform. Our scopes:

  • *.zone-db.org
  • zone-db.org
  • api.zone-db.org

Please send your reports to [email protected] email address.

"Are you good enough to be able to hack us?"