PortSwigger Web Security HackerOne
Target Policy
https://hackerone.com/portswigger?type=teamStructured Scope
-
Asset Identifier
Asset Type
Max Severity
-
portswigger.net
https://portswigger.net
URLcritical -
ai.portswigger.netURLcritical
-
*.web-security-academy.net
The Academy contains numerous intentional vulnerabilities, and is completely isolated from our other infrastructure.
WILDCARDnone -
Burp Suite Extension (BApps)
These are made by third parties, and installed via the BApp store in the Burp Extender tab. High severity vulnerabilities only please.
DOWNLOADABLE_EXECUTABLESnone -
*.portswigger.net
Subdomains of portswigger.net that are not explicitly whitelisted are out of scope.
WILDCARDnone -
Burp Suite Enterprise Edition
Download from https://portswigger.net/requestfreetrial/enterprise
DOWNLOADABLE_EXECUTABLEScritical -
https://enterprise-demo.portswigger.net/
This is a hosted demo of Burp Suite Enterprise Edition.
URLcritical -
Burp Collaborator
Burp Collaborator is part of Burp Suite Pro - for further information refer to https://portswigger.net/burp/help/collaborator.html
DOWNLOADABLE_EXECUTABLEScritical -
forum.portswigger.netURLcritical
-
Burp Suite Pro/Community
Download from https://portswigger.net/burp
DOWNLOADABLE_EXECUTABLEShigh
Target Scope Domains
- ai.portswigger.net
- enterprise-demo.portswigger.net
- forum.portswigger.net
- portswigger.net
Tech Stack
Last Finished Scan:
Scan Name
Fleet
Finished
State
- Fleet: allkxss
- Duration: 17.68 Minutes
- Finished: 8 months, 3 weeks ago