Skip to content
Branch: master
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
26 lines (21 sloc) 4.58 KB

Can you hack your university?

Bug bounty programs are becoming standard across companies and governments. Universities are slower to adopt, and they's many documented cases of schools punishing students for unauthorized access to systems.

This is a list of universities that have bug bounty programs or vulnerability disclosure policies. Please reach out if your school has a program that I've missed, or if you would like help starting a bug bounty program at your school!

Note: This list is not an invitation to hack any of the listed universities. Ensure that you comply with all listed terms of a university's bug bounty program. Most are restricted to students of the university.

School Type Rewards Link Notes
Stanford Bug Bounty $50-$1000
MIT Bug Bounty TechCASH May no longer be active
Penn State Bug Bounty LionCash Invitation only, may no longer be active
Drexel Bug Bounty None
Duke VDP None Permission required
Georgia Tech VDP None Permission required
Seton Hall VDP None
George Mason University SRCT VDP None Only certain projects
Fontys University VDP None
Erasmus University Rotterdam VDP None
Leiden University VDP None
University of Twente VDP None
Hogeschool Rotterdam VDP None
Vrije Universiteit Amsterdam VDP None
Tilburg University VDP None
You can’t perform that action at this time.