About The Bug Bounty Village

BUG BOUNTY Village serves as a platform for bug bounty researchers and Infosec professionals to gather and share their experiences. It provides an ideal space for learning about bug bounties, report writing, and exchanging knowledge with others. Through a series of talks, training sessions, and awards, our aim is to make this engaging platform accessible to everyone

Sponsored by riskprofiler.io

The Bug Bounty Village comprises two main components:

  • Unique Bug of the Year Award / Best Bounty Hunter of the Year: This initiative is designed to motivate and incentivize researchers in creating comprehensive and effective vulnerability reports. Furthermore, even if your vulnerability or bug discovery report is found to be a duplicate, there's no need for concern. Instead, take it as a positive, as duplicate reports will also be considered during the submission evaluation process. We recognize and value the significant time and effort invested by researchers and bug bounty hunters in uncovering vulnerabilities.
  • Talks and Workshops: This segment focuses on the exchange of knowledge among bug bounty hunters and individuals within the security community. This includes those already established in the Infosec field, those who are just beginning their journey, and those interested in embarking on a career within the realm of information security.

Bug Bounty Recognition and Guidelines

  • If you have reported a unique and good vulnerability in any target(Web, Mobile, IoT, Network) as part of the bug bounty program then submit your report to us.
  • If you have got duplicates ,feel free to share it with us. We will analyze it and try to do something to keep you motivated. We believe in your efforts.
  • Please report only those bugs which are already remediated.
  • If you have written any specific tool for bug hunting, do apply.
Guidelines for the report submission:
  • Report only bugs that have been fixed by the organization.
  • You can also submit reports of the private programs,which don't allow you to disclose the vulnerabilities. In this scenario, please omit the target name and required information by which the target can be identified.
  • Please submit the reports which have been submitted by you alone, do not copy-paste reports from the internet.
  • Submit the reports with POC (Proof of Concept) which signifies that the bug is disclosed to the organization.

Who Speaking?

Miroslav Stampar

author of sqlmap

Swapneel Patneka

CEO of Shreshta

Rudra Pratap

Smart Contract Triager, Immunefi

Armaan Pathan

Senior Security Engineer at Certus Cybersecurity

Alex Devassy

Senior Offensive Security Consultant at EY

Nikhil Shrivastava

Synack Red Team Legend

Manas Harsh

Security Analyst at Netskope, OWASP Patna Chapter Leader

Jayesh Ahire

Product Manager at TraceableAI

Roshan Piyush

Security Research Engineer at Traceable AI

Rohan Kumar Birtia

Staff Security Engineer

Event Schedule

Our Sponsors

Previous Edition Winners


Rahul Kankrale

Unique Bug of the Year & XBOX


Arun Mishra

Hak 5 Gadget



Pentester Lab

International Centre Goa

Get Direction