Penetration Tests

Giovanni Pellerano edited this page Mar 2, 2018 · 19 revisions

The GlobaLeaks Project is periodically subject to independent security audit and penetration tests in order to verify and improve the security of the system.

Thanks to the Open Technology Fund GlobaLeaks received already 5 independent penetration tests here available.

Many others, during the years, have been performed by some private adopters.

We additionally invite independent security researchers to apply to our Bug Hunting initiative, which it's currently hosted on HackerOne.

These are the detailed reports of penetration tests we've received, along with the transparent feedback and fixing done in response:

Date Software Auditor Goal Report
2013 Q1 GlobaLeaks iSecPartners Architecture Audit report
2013 Q2 GlobaLeaks Cure53 Web Security Audit report
2013 Q4 Tor2web VeraCode Overall Audit report
2014 GlobaLeaks LeastAuthority Source Code Audit report
2018 GlobaLeaks SubGraph Overall Audit report

If you want to carry out or sponsor an Independent Security Audit, please email projects at

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.