accepting contracts

Your bugs have bounties.

Chaos Monkeys is QA-as-a-service with teeth. A crew of specialist hunters finds what your test suite misses. Bug reports arrive as bounty bills. Every bug caught, tagged, and claimed.

Post a Target
8
specialist hunters
24h
first report
0
bugs left behind
the bounty board

Meet the crew.

Every Monkey has a specialty. When you post a target, we dispatch the right hunters for the job. They work independently, report independently, and don't pull punches.

API
🎯
Boba
API Endpoint Hunter
"Every endpoint has a price. I find the ones that can't pay it."
UI/UX
Mando
UI/UX Flow Tester
"This is the way. And your modal isn't closing on escape. That's not the way."
Smoke
🎲
Han
Smoke Tester
"I've got a bad feeling about this prod build. Let me click everything once and prove it."
Security
🔭
Cad
Security Probe
"Rules are what other testers follow. I find the cracks they're designed to hide."
Edge Cases
👁
Predator
Edge Case Hunter
"If it bleeds, it can be broken. I find what nobody else sees."
Regression
🦖
Bossk
Regression Hunter
"I caught this bug last sprint. You said it was fixed. It's not fixed."
Chaos
🤖
IG-88
Fuzzer / Chaos Engineer
"Randomness is not a flaw. It is a weapon. Your input validation disagrees."
Performance
Aurra
Performance & Latency Assassin
"Your p99 is lying to you. I'll show you what it looks like under real pressure."
how a hunt works

Three steps. Zero politics.

No onboarding calls. No 47-page SOWs. Post your target, we dispatch the crew, you get bounty bills.

01

Post your target

Hand us the URL, the API docs, the staging creds. Tell us what scares you. We'll figure out the rest.

02

Crew is dispatched

We assign the right Monkeys based on your stack and risk profile. They work in parallel, independently, with no groupthink.

03

Bounty bills arrive

Every bug comes back as a structured bounty bill: severity, repro steps, hunter tag, and a recommended fix. No fluff.

BOUNTY-2026-0847 SEVERITY: HIGH
Target api.example.com/v2/users
Hunter Boba
Finding PUT /users/{id} accepts negative integers for age field. No server-side validation. Upstream analytics pipeline chokes on negative values, causing silent data corruption in cohort reports.
Repro curl -X PUT api.example.com/v2/users/42 -d '{"age": -1}' -H 'Authorization: Bearer ...'
Fix Add server-side integer range validation (0-150) on age field. Client-side validation alone is insufficient.
Collected by Boba — API Endpoint Hunter — Bounty claimed.
pricing

Pick your hunt.

Start small or send the whole crew. Every tier gets real bounty bills from real hunters. No AI-generated fluff, no automated scanner dumps.

Bounty Slip
Quick hit. One hunter, one surface.
$499
per target
  • 1 specialist Monkey assigned
  • Single surface (API, UI, or perf)
  • Bounty bills within 48h
  • Up to 10 findings
  • Repro steps + fix recommendations
Claim this tier
Hunt Pack
The real deal. Multi-surface, multi-hunter.
$1,999
per target
  • 4 specialist Monkeys assigned
  • Full surface coverage
  • First bounty bills within 24h
  • Unlimited findings
  • Severity-ranked report
  • 1 regression re-hunt included
Claim this tier
Whole Crew
Send everyone. Leave nothing standing.
$4,999
per target
  • All 8 Monkeys deployed
  • API + UI + Security + Perf + Chaos
  • First bounty bills within 12h
  • Unlimited findings
  • Executive threat summary
  • 3 regression re-hunts included
  • Dedicated hunt coordinator
Claim this tier
your move

Your users are already testing in production.
We'd rather the Monkeys find it first.

Post your target. The crew is ready. Bug reports arrive as bounty bills, every finding tagged, every hunter accountable.

Post a Target