Security Bounty Platform

Every Bug Has a Price on Its Head

The bounty board for serious security researchers. Post vulnerabilities, claim rewards, build your reputation. No middlemen, no delays.

$4.2M Bounties Paid
1,847 Active Hunters
48hr Avg. Payout
Wanted · Dead or Alive
WANTED
Reward Offered
$25,000

Critical authentication bypass in OAuth 2.0 token refresh flow. Affects all endpoints behind /api/v3/admin.

Posted by Vaultline Inc. · 3 days ago

Open Contracts
Active Bounties

Every vulnerability posted is verified, scoped, and funded before it hits the board. Hunters get paid within 48 hours of accepted submission. No haggling, no fine print.

High

IDOR in Organization Billing API

Enumerable invoice endpoints expose cross-tenant financial data through sequential ID patterns.

Medium

Stored XSS in Markdown Preview

User-controlled markdown in project descriptions is rendered without proper sanitization in the team dashboard.

How It Works

01

Stake Your Claim

Companies post verified bounties with pre-funded escrow. Every dollar is locked before it hits the board.

02

Hunt the Vulnerability

Researchers pick their targets. Each bounty includes scope definitions, test credentials, and safe harbor agreements baked in.

03

Submit Your Proof

File your report with full reproduction steps, impact analysis, and remediation advice. Our triage team reviews within 24 hours.

04

Collect the Bounty

Accepted reports trigger immediate payout from escrow. Wire, crypto, or platform credit.

We found three critical vulnerabilities in our payment stack within the first week. Deadlock paid out $87,000 to the researchers before our internal team even finished their coffee.

Marcus Laine
CISO, Vaultline Inc.
2,340 Bugs Claimed
99.2% Payout Rate
186 Companies
14min Avg. Triage
Witness Accounts
Field Reports from Hunters & Clients

I left HackerOne after six months of pending payouts. First bounty on Deadlock, paid in 19 hours. This is how it should have always worked.

Nadia Kolev
Independent Researcher, Sofia, BG

Our previous bug bounty program attracted noise. Deadlock's escrow model means only serious researchers engage. We went from 200 junk reports a month to 12 actionable findings that actually made our platform safer. The ROI is incomparable.

Tomás Herrera
VP Engineering, Ridgeline Health

Made $140K last year hunting exclusively on Deadlock. The scope docs are clear, triage is fast, and there's none of that "informative, won't fix" nonsense.

Jin Park
Top 10 Hunter, Seoul, KR

Bounty Rewards

Choose your program tier. All plans include escrow-backed payouts, safe harbor agreements, and dedicated triage support.

Scout
Free
For Researchers
  • Unlimited bounty submissions
  • 48-hour triage guarantee
  • Public hunter profile
  • Wire & crypto payouts
  • Hall of Fame listing
Sheriff
$4,500
Per Month
  • Unlimited active bounties
  • Dedicated triage lead
  • Custom SLA agreements
  • Compliance reporting
  • Pentest coordination
  • SOC 2 artifact export