India's Largest Bug Bounty Directory
Every Bug Bounty Program.
One Search.
Search HackerOne, Bugcrowd, company VDPs, and XC0MRADE-native programs — all in one place. Filter by Indian companies, see bounties in ₹INR, and check DPDP compliance.
Want your program listed here?
Launch a DPDP-compliant bug bounty on XC0MRADE. Get featured prominently in India's largest directory with INR payouts and CERT-In aligned reporting.
What is a Bug Bounty Program?
A bug bounty program is a crowdsourced security initiative where organizations invite ethical hackers to find and report vulnerabilities in their systems. In return, researchers receive monetary rewards (bounties) or recognition. Major companies like Google, Microsoft, Meta, and Indian firms like Razorpay and Zomato run active bug bounty programs.
Why Use This Directory?
XC0MRADE aggregates every public bug bounty program from HackerOne, Bugcrowd, and company-hosted VDPs into one searchable directory. Unlike other platforms, we show bounty amounts in Indian Rupees (₹), filter by Indian companies, indicate DPDP compliance status, and provide difficulty ratings so researchers at every level can find suitable targets.
Bug Bounty Programs in India
India has a growing ecosystem of bug bounty and vulnerability disclosure programs. Companies like Paytm, PhonePe, Flipkart, Swiggy, CRED, and Zerodha offer VDPs. With India's Digital Personal Data Protection Act (DPDPA), more organizations are expected to launch formal security testing programs. XC0MRADE is built specifically for this market — with INR payouts, TDS automation, and CERT-In 6-hour incident reporting compliance built in.