PortSwigger Web Security

target_in_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
Burp Collaborator DOWNLOADABLE_EXECUTABLES none high high critical
Burp Collaborator is part of Burp Suite Pro - for further information refer to https://portswigger.net/burp/help/collaborator.html
Burp Suite Enterprise Edition DOWNLOADABLE_EXECUTABLES high high high critical
Download from https://portswigger.net/requestfreetrial/enterprise
Burp Suite Extension (BApps) DOWNLOADABLE_EXECUTABLES none none none none
These are made by third parties, and installed via the BApp store in the Burp Extender tab. High severity vulnerabilities only please.
Burp Suite Pro/Community DOWNLOADABLE_EXECUTABLES none medium low high
Download from https://portswigger.net/burp
portswigger.net URL low high high critical
https://portswigger.net
*.web-security-academy.net URL low low low medium
Access via https://portswigger.net/web-security Privilege escalation to root and container escapes only.
forum.portswigger.net URL critical

target_out_of_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
*.portswigger.net URL none
Subdomains of portswigger.net are all out of scope.