The bonus month for submissions for our mobile apps has been closed.📱
Thanks to everyone who has participated!
We will keep you updated for future bonus months
The Hoplr Security Team
We really appreciate the work you already did on our program, and we want to introduce an extra incentive to find some more vulnerabilities on our mobile apps. 📱
In July - actually, you can start right now! - we will hand out bonuses for the 3 best findings on our mobile apps.
We will pick the findings that have the biggest impact on our business and our users.
Make sure you only test in our test neighbourhoods (see main page) and don't do any bulk queries to make sure that other users are not impacted by the tests. We have rate limiters in place, but testing these is not part of the scope.
PS: We will organize this on a regular basis during the year, so keep an eye on our program!
The Hoplr Security Team
We have just migrated all our .NET websites to .NET 6.0. Feel free to take another look.
Summary of existing websites/apps:
The main focus is still our www.hoplr.com website, but we also have others we want to keep safe. Since you probably already found all our subdomains with
Sublist3r(or any other subdomain enumerator), I thought it would be a good idea to give you some more information on those websites. You can find a short summary below.
Please make sure you don't do any request flooding on our websites. We have rate limiters in place (not everywhere) but a heavy load can lead to performance problems on our servers and we want to avoid that at all cost. And don't forget to always use your Intigriti email when you create a login.
Hoplr : this is the main one you all know. Instructions are on our Intigriti page.
Hoplr App: Not a website, but used by about 50% of our users.
Business landing : this is our public business landing page. Our customers are mostly governments.
Regrowth Api : used by Regrowth to fetch and update data.
Hoplr API : this is our main API, and it is used by the Hoplr App, dashboard.hoplr.com and regrowth.hoplr.com
Bcq : The neighbourhood concierge is our latest addition to the hoplr universe. This is a paid subscription to find affordable, reliable and local help. The website also contains an API and a management website for the concierges. You know the drill --> 🐱💻
Bcq App: Used by our subscribers. 🐱💻
Participation pages: These are public websites that are tailor-made for our customers. They all use the same code base but are configured differently, examples are https://loosduinen.hoplr.com/ and https://segbroek.hoplr.com/. Some of them have authentication, which means they are in test mode and should not be accessed by regular users yet
We have migrated to .NET Core a month ago, we invite you all to take another look.