Back in Paris!
leHACK is back for its 21st edition — and so are we!
On June 27-29, 2025, the legendary French hacking event will once again take over La Cité des Sciences et de l’Industrie in Paris. Brought to life by HackerZVoice, leHACK gathers thousands of security enthusiasts, hackers, and professionals from all around the world.
Conferences, workshops, and the iconic wargame are all on the agenda - and, of course, YesWeHack will be right at the heart of it.
Come meet our team at booth 41, where we’ll be handing out exclusive swag, and chatting all things Bug Bounty, ethical hacking, and community.
Once again, we’re bringing the heat with our exclusive Live Bug Bounty in Le Loft on June 28–29 (more info below) - and our very own BitK has cooked up a special challenge to put your hacking skills to the test (see below)!
Want to join us there? Save your spot now!
Ready to hack? 💥
We're thrilled to announce that, just like every year, YesWeHack is hosting an exclusive Live Bug Bounty during leHACK 2025 - and you’re invited to join the action.
When and where?
📆 June 28, 10:00 AM – June 29, 3:00 AM
📌 Le Loft @ La Cité des Sciences et de l'Industrie, Paris
How to get involved
1️⃣ Participation is open to all leHACK 2025 attendees. Just make sure you’re registered for the event and physically present onsite.
2️⃣ Create an account on yeswehack.com and complete the verification steps. By signing up, Live Bug Bounty hunters at leHACK 2025 agree to the YesWeHack Bug Bounty platform’s terms of use.
3️⃣ Once you’re at leHACK, connect to the venue Wi-Fi and log in to your YesWeHack account.
4️⃣ Head to yeswehack.com/programs - the exclusive leHACK Live Bug Bounty program will be featured right at the top.
5️⃣ Read the rules and scope carefully.
6️⃣ Start hunting!
If you have any questions, our team will be available at Le Loft to guide you every step of the way.
What to expect?
The target (company and scope) will be revealed live at the start of the event by the YesWeHack team. From that point on, it’s game on: dig into the scope, find vulnerabilities, earn rewards, and climb the leaderboard!
Why join?
This Live Bug Bounty is a unique chance to apply your skills in real time, collaborate with fellow ethical hackers, and connect with the YesWeHack team and our partner’s security engineers. It's more than a competition - it’s a community moment.
On top of the bounties, the top performers will earn recognition from the hacking community - and yes, there will be exclusive swag for all participants.
Don't miss it!
Payload Plz 💣
Back by popular demand, that “one payload to solve them all” challenge from leHack 2022 is making a return. This time it's bigger, meaner, and packed with even more bugs to exploit!
The idea is simple, but pulling it off won't be easy. You’ll need to craft a single payload that can break a whole range of web-based challenges. Expect XSS, SQLi, command injection, deserialization bugs, and a few unexpected twists.
Each challenge on its own is simple - most could be solved with a basic exploit. But creating one input that works seamlessly across all of them at once? That’s where things get tricky.
You’ll have two full days (June 27-28) during leHack to test, tweak, perfect your exploit - and solve BitK's challenge!
At the end, the player who solves the most challenges wins. If there's a tie, the shortest payload takes the prize.
One payload to break them all. Ready to give "Payload Plz" a shot?
About YesWeHack
YesWeHack is a leading Bug Bounty and Vulnerability Management Platform used by hundreds of organisations and tens of thousands of bug hunters worldwide. Built and run by ethical hackers since 2015, our Bug Bounty platform offers fast, in-house triage, fair rewards and prompt payouts, and compliance with stringent EU data security laws.
YesWeHack manages hundreds of private and public programs and holds regular Live Hacking Events. Bug Bounty programs include Tencent, Swiss Post, Orange France and the French Ministry of Armed Forces.
Bug hunting is boosted by YesWeHack’s CTF playground/training platform (Dojo), various bug hunting tools, responsible vulnerability disclosure platform (ZeroDisclo.com), non-partisan Bug Bounty/VDP search engine (FireBounty.com), and a blog featuring technical tips and interviews.
Find out more at www.yeswehack.com and via X, LinkedIn, YouTube and GitHub.