HackGATE is a managed security proxy gateway built for organizations running bug bounty programs and penetration tests. Instead of exposing your production URL directly to researchers, HackGATE creates a dedicatedDocumentation Index
Fetch the complete documentation index at: https://docs.hackgate.io/llms.txt
Use this file to discover all available pages before exploring further.
*.hackgate.net subdomain that sits in front of your application — giving you complete control over access, scope, and monitoring.
Quick Start
Create your first HackGATE and invite researchers in under 10 minutes.
Core Concepts
Understand HackGATEs, organizations, projects, and how they fit together.
HackGATEs
Create, configure, enable, and schedule your security testing proxies.
Access Control
Manage researcher allowlists, rate limits, and path-level block rules.
Analytics & WAF
Monitor traffic, view WAF alerts, and track API endpoint coverage.
Projects
Organize your testing engagements and define scope with project items.
How HackGATE works
Create a HackGATE
Provide your application’s URL. HackGATE provisions a
*.hackgate.net proxy subdomain that forwards traffic to your origin.Configure access
Choose whether all authenticated researchers can access it, or maintain a custom allowlist of approved researcher emails.
Set scope boundaries
Add rate limits and path-level block rules to prevent testing outside your defined scope.
HackGATE requires an organization account. If you haven’t set one up yet, start with the Quick Start guide.