Can you hack your government?

Vulnerability disclosure policies and bug bounty programs are becoming standard across industry and government. Beginning with the U.S. Department of Defense, several government agencies worldwide have implemented vulnerability disclosure programs.

This is a list of government agencies that have bug bounty programs or vulnerability disclosure policies. Please submit a pull request if any government agencies are missing from this list.

Note: This list is not an invitation to hack any of the listed organizations. Ensure that you comply with all listed terms of an organization's vulnerability disclosure policy.

Organization	Type	Rewards	Link	Notes
U.S. Department of Defense	VDP	None	https://hackerone.com/deptofdefense	Safe Harbor
U.S. Department of Defense	Bug Bounty	Varies		Private, time-limited challenges
GSA Technology Transformation Services	Bug Bounty	$150-$5,000	https://hackerone.com/gsa_bbp	Safe Harbor
Iowa Secretary of State	VDP	N/A	https://sos.iowa.gov/pdf/IOWA_SOS_VDP_Policy.pdf	Safe Harbor
Ohio Secretary of State	VDP	N/A	https://www.ohiosos.gov/vulnerability-disclosure-policy/	Safe Harbor
State of Delaware	VDP		https://delaware.gov/help/responsible-disclosure.shtml	Partial Safe Harbor
Washington D.C.	VDP	N/A	https://octo.dc.gov/sites/default/files/dc/sites/octo/publication/attachments/Responsible%20Disclosure%20Policy%20.pdf
Minnesota Secretary of State	VDP	N/A	https://sos.mn.gov/about-the-office/about-the-office/vulnerability-disclosure-program/
Idaho Secretary of State	VDP	N/A	https://sos.idaho.gov/vulnerability-disclosure-policy/
South Carolina Election Commission	VDP	N/A	https://scvotes.gov/resources/vulnerability-disclosure-program/
State of New Jersey	VDP	N/A	https://www.cyber.nj.gov/report/vulnerability-disclosure/vulnerability-disclosure-policy
City of Los Angeles	VDP	N/A	https://hackerone.com/city_of_los_angeles_vdp
Netherlands NCSC	VDP	Up to €300	https://www.ncsc.nl/security
Netherlands Central Government	VDP	N/A	https://www.government.nl/topics/cybercrime/fighting-cybercrime-in-the-netherlands/responsible-disclosure
Government of Jersey	VDP	N/A	https://www.gov.je/Pages/DisclosurePolicy.aspx
United Kingdom NCSC	VDP	None	https://hackerone.com/ncsc_uk
Administrative Conference of the United States	VDP	N/A	https://www.acus.gov/vulnerability-disclosure-policy
African Development Foundation	VDP	N/A	https://www.usadf.gov/vulnerability-disclosure-policy
American Battle Monuments Commission	VDP	N/A	https://www.abmc.gov/vulnerability-disclosure-policy
Armed Forces Retirement Home	VDP	N/A	https://www.afrh.gov/vulnerability-disclosure-policy
Barry Goldwater Scholarship and Excellence in Education Foundation	VDP	N/A	https://goldwaterscholarship.gov/vulnerability-disclosure-policy/
Board of Governors of the Federal Reserve	VDP	N/A	https://www.federalreserve.gov/vulnerability-disclosure-policy
Chemical Safety Board	VDP	N/A	https://www.csb.gov/vulnerability-disclosure-policy/
Commission of Fine Arts	VDP	N/A	https://www.cfa.gov/vulnerability-disclosure-policy
Commodity Futures Trading Commission	VDP	N/A	https://www.cftc.gov/vulnerability-disclosure-policy
Consumer Financial Protection Bureau	VDP	N/A	https://www.cfpb.gov/vulnerability-disclosure-policy
Consumer Product Safety Commission	VDP	N/A	https://www.cpsc.gov/vulnerability-disclosure-policy
Corporation for National and Community Service	VDP	N/A	https://americorps.gov/about/agency-overview/vulnerability-disclosure-policy
Council of the Inspectors General on Integrity and Efficiency	VDP	N/A	https://www.ignet.gov/vulnerability-disclosure-policy
Court Services and Offender Supervision Agency	VDP	N/A	https://www.csosa.gov/vulnerability-disclosure-policy
Defense Nuclear Facilities Safety Board	VDP	N/A	https://www.dnfsb.gov/vulnerability-disclosure-policy
Denali Commission	VDP	N/A	https://www.denali.gov/vulnerability-disclosure-policy
Department of Commerce	VDP	N/A	https://www.doc.gov/vulnerability-disclosure-policy
Department of Education	VDP	N/A	https://www.ed.gov/vulnerability-disclosure-policy
Department of Energy	VDP	N/A	https://doe.responsibledisclosure.com/hc/en-us
Department of Health and Human Services	VDP	N/A	https://www.hhs.gov/vulnerability-disclosure-policy
Department of Homeland Security	VDP	N/A	https://www.dhs.gov/vulnerability-disclosure-policy
Department of Housing and Urban Development	VDP	N/A	https://www.hud.gov/vulnerability-disclosure-policy
Department of Justice	VDP	N/A	https://www.justice.gov/vulnerability-disclosure-policy
Department of Labor	VDP	N/A	https://www.dol.gov/vulnerability-disclosure-policy
Department of State	VDP	N/A	https://www.state.gov/vulnerability-disclosure-policy/
Department of the Interior	VDP	N/A	https://www.doi.gov/vulnerability-disclosure-policy
Department of the Treasury	VDP	N/A	https://www.treasury.gov/vulnerability-disclosure-policy
Department of Transportation	VDP	N/A	https://www.dot.gov/vulnerability-disclosure-policy
Department of Veterans Affairs	VDP	N/A	https://www.va.gov/vulnerability-disclosure-policy
Election Assistance Commission	VDP	N/A	https://www.eac.gov/vulnerability-disclosure-policy
Environmental Protection Agency	VDP	N/A	https://www.epa.gov/vulnerability-disclosure-policy
Equal Employment Opportunity Commission	VDP	N/A	https://www.eeoc.gov/vulnerability-disclosure-policy
Export-Import Bank of the United States	VDP	N/A	https://www.exim.gov/vulnerability-disclosure-policy
Farm Credit Administration	VDP	N/A	https://www.fca.gov/vulnerability-disclosure-policy
Farm Credit System Insurance Corporation	VDP	N/A	https://www.fcsic.gov/vulnerability-disclosure-policy
Federal Communications Commission	VDP	N/A	https://www.fcc.gov/vulnerability-disclosure-policy
Federal Deposit Insurance Corporation	VDP	N/A	https://www.fdic.gov/policies/vulnerability/
Federal Energy Regulatory Commission	VDP	N/A	https://www.ferc.gov/vulnerability-disclosure-policy
Federal Housing Finance Agency	VDP	N/A	https://www.fhfa.gov/vulnerability-disclosure-policy
Federal Labor Relations Authority	VDP	N/A	https://www.flra.gov/vulnerability-disclosure-policy
Federal Maritime Commission	VDP	N/A	https://www.fmc.gov/vulnerability-disclosure-policy/
Federal Mediation and Conciliation Service	VDP	N/A	https://www.fmcs.gov/vulnerability-disclosure-policy
Federal Mine Safety and Health Review Commission	VDP	N/A	https://www.fmshrc.gov/vulnerability-disclosure-policy
Federal Retirement Thrift Investment Board	VDP	N/A	https://www.frtib.gov/vulnerability-disclosure-policy
Federal Trade Commission	VDP	N/A	https://www.ftc.gov/vulnerability-disclosure-policy
General Services Administration	VDP	N/A	https://www.gsa.gov/vulnerability-disclosure-policy
Harry S Truman Scholarship Foundation	VDP	N/A	https://www.truman.gov/vulnerability-disclosure-policy
Institute of Museum and Library Services	VDP	N/A	https://www.imls.gov/vulnerability-disclosure-policy
Inter-American Foundation	VDP	N/A	https://www.iaf.gov/vulnerability-disclosure-policy/
James Madison Memorial Fellowship Foundation	VDP	N/A	https://www.jamesmadison.gov/vulnerability-disclosure-policy
Japan-United States Friendship Commission	VDP	N/A	https://www.jusfc.gov/vulnerability-disclosure-policy
Marine Mammal Commission	VDP	N/A	https://www.mmc.gov/vulnerability-disclosure-policy/
Merit Systems Protection Board	VDP	N/A	https://www.mspb.gov/vulnerability-disclosure-policy/
Millennium Challenge Corporation	VDP	N/A	https://www.mcc.gov/vulnerability-disclosure-policy
Morris K. Udall and Stewart L. Udall Foundation	VDP	N/A	https://www.udall.gov/vulnerability-disclosure-policy
National Aeronautics and Space Administration	VDP	N/A	https://www.nasa.gov/vulnerability-disclosure-policy
National Archives and Records Administration	VDP	N/A	https://www.nara.gov/vulnerability-disclosure-policy
National Capital Planning Commission	VDP	N/A	https://www.ncpc.gov/vulnerability-disclosure-policy
National Council on Disability	VDP	N/A	https://www.ncd.gov/vulnerability-disclosure-policy
National Credit Union Administration	VDP	N/A	https://www.ncua.gov/vulnerability-disclosure-policy
National Endowment for the Arts	VDP	N/A	https://www.arts.gov/vulnerability-disclosure-policy
National Endowment for the Humanities	VDP	N/A	https://www.neh.gov/vulnerability-disclosure-policy
National Labor Relations Board	VDP	N/A	https://www.nlrb.gov/vulnerability-disclosure-policy
National Mediation Board	VDP	N/A	https://nmb.gov/NMB_Application/index.php/vdp/
National Science Foundation	VDP	N/A	https://www.nsf.gov/vulnerability-disclosure-policy
National Transportation Safety Board	VDP	N/A	https://www.ntsb.gov/Pages/vulnerability-disclosure-policy.aspx
Nuclear Regulatory Commission	VDP	N/A	https://www.nrc.gov/vulnerability-disclosure-policy
Nuclear Waste Technical Review Board	VDP	N/A	https://www.nwtrb.gov/vulnerability-disclosure-policy
Occupational Safety and Health Review Commission	VDP	N/A	https://www.oshrc.gov/vulnerability-disclosure-policy
Office of the Comptroller of the Currency	VDP	N/A	https://www.occ.gov/about/policies/vulnerability-disclosure-policy.html
Office of Government Ethics	VDP	N/A	https://www.oge.gov/vulnerability-disclosure-policy
Office of Navajo and Hopi Indian Relocation	VDP	N/A	https://www.onhir.gov/vulnerability-disclosure-policy
Office of Personnel Management	VDP	N/A	https://www.opm.gov/vulnerability-disclosure-policy
Office of Special Counsel	VDP	N/A	https://osc.gov/vulnerability-disclosure-policy
Peace Corps	VDP	N/A	https://www.peacecorps.gov/vulnerability-disclosure-policy/
Pension Benefit Guaranty Corporation	VDP	N/A	https://www.pbgc.gov/vulnerability-disclosure-policy
Postal Regulatory Commission	VDP	N/A	https://www.prc.gov/vulnerability-disclosure-policy
Presidio Trust	VDP	N/A	https://www.presidio.gov/presidio-trust/about/vulnerability-disclosure-policy
Privacy and Civil Liberties Oversight Board	VDP	N/A	https://www.pclob.gov/vulnerability-disclosure-policy
Railroad Retirement Board	VDP	N/A	https://www.rrb.gov/vulnerability-disclosure-policy
Securities and Exchange Commission	VDP	N/A	https://www.sec.gov/vulnerability-disclosure-policy
Selective Service System	VDP	N/A	https://www.sss.gov/vulnerability-disclosure-policy
Small Business Administration	VDP	N/A	https://www.sba.gov/vulnerability-disclosure-policy
Social Security Administration	VDP	N/A	https://www.ssa.gov/vulnerability-disclosure-policy
Social Security Advisory Board	VDP	N/A	https://www.ssab.gov/vulnerability-disclosure-policy
Surface Transportation Board	VDP	N/A	https://prod.stb.gov/vulnerability-disclosure-policy
Tennessee Valley Authority	VDP	N/A	https://www.tva.com/vulnerability-disclosure-policy
U.S. Section of International Boundary and Water Commission	VDP	N/A	https://www.state.gov/vulnerability-disclosure-policy/
United States AbilityOne Commission	VDP	N/A	https://www.abilityone.gov/laws,_regulations_and_policy/documents/
United States Access Board	VDP	N/A	https://www.access-board.gov/vulnerability-disclosure-policy
United States Agency for Global Media	VDP	N/A	https://www.usagm.gov/vulnerability-disclosure-policy/
United States Agency for International Development	VDP	N/A	https://www.usaid.gov/vulnerability-disclosure-policy
United States Commission on Civil Rights	VDP	N/A	https://www.usccr.gov/vulnerability-disclosure-policy
United States Department of Agriculture	VDP	N/A	https://www.usda.gov/vulnerability-disclosure-policy
United States Interagency Council on Homelessness	VDP	N/A	https://www.usich.gov/vulnerability-disclosure-policy
United States International Development Finance Corporation	VDP	N/A	https://www.dfc.gov/vulnerability-disclosure-policy
United States International Trade Commission	VDP	N/A	https://www.usitc.gov/vulnerability-disclosure-policy
United States Trade and Development Agency	VDP	N/A	https://www.ustda.gov/vulnerability-disclosure-policy
United States Courts	VDP	N/A	https://www.uscourts.gov/privacy-security-policy/vulnerability-disclosure-policy

Name		Name	Last commit message	Last commit date
Latest commit History 19 Commits
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Can you hack your government?

About

Releases

Packages

Contributors 2

cablej/hack-your-government

Folders and files

Latest commit

History

Repository files navigation

Can you hack your government?

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Contributors 2

Packages