Ship with fewer bugs. Get paid to find them.

Any web, mobile, or desktop app, from fresh vibe-coded builds to ones used by millions. Builders fund a pool and pay only for valid bugs. Testers earn for every report that's accepted.

Builders pay for real bugs
Fund a pool and pay only for valid, reproducible, in-scope reports.
Testers earn per bug
Get paid for every accepted report. First valid report wins.
Web, mobile & desktop
One marketplace for every platform you ship.

The testers finding the most bugs.

Reputation is earned from valid, accepted bugs. Build a public QA portfolio and climb the board.

One open pool. Pay only for valid bugs.

Gorol runs the full loop end to end, like HackerOne, but for functional QA bugs instead of security exploits.

  1. 01

    Post & fund a program

    A client describes their product (web, mobile, or desktop), sets the scope and severity tiers, then pre-funds a bounty pool. Gorol confirms the funding and the program goes live.

  2. 02

    Testers hunt for bugs

    An open pool of testers explores the product and submits structured reports with evidence and a proposed severity. First valid report wins. Duplicates earn nothing.

  3. 03

    Validate & get paid

    The client finalizes severity and accepts valid bugs; Gorol arbitrates any disputes. Payouts are reserved from the pool and settled per valid bug.

For testers and builders.

Two ways into the same marketplace. Pick the side that fits.

Turn QA skill into income.

Find work without chasing clients. Explore live products, report what breaks, and earn for every valid bug.

  • Pay-per-valid-bug, first valid report wins
  • Build reputation that unlocks more programs
  • Test web and mobile from your own devices
  • Withdraw earnings once a bug is accepted

Crowd-test without the enterprise price tag.

Shipped fast with no QA budget? Put your product in front of real testers and only pay for the bugs that matter.

  • Tap an open pool of testers, not a fixed cycle
  • Pay only for valid, in-scope bugs
  • Set your own scope and severity payout tiers
  • Pre-fund a bounty pool you stay in control of

Bigger bugs, bigger bounties.

Every program sets tiered payouts. A tester proposes the severity. Gorol and the client finalize it before payout.

Low

Rp 50K-150K

Cosmetic or minor UX issues with an easy workaround.

Medium

Rp 150K-400K

Functional issues that still have a workaround.

High

Rp 400K-1JT

Broken core flows with no reasonable workaround.

Critical

Rp 1JT+

Security, data loss, or crashes that block usage.

Figures are illustrative. Clients set their own tiers per program. Duplicates and out-of-scope reports earn nothing, so quality and speed both pay.

A marketplace that protects both sides.

Pre-funded pools

Clients fund the bounty before testing starts, so valid bugs always have a payout waiting.

Google sign-in only

Authentication runs through Google. Gorol never stores a password.

Gorol arbitration

When a client and tester disagree, Gorol reviews the report and makes the call.

Verified withdrawals

A manual identity check at first withdrawal keeps payouts clean and accountable.

Ready to squash some bugs?

Join Gorol as a tester and get paid per valid bug, or post your first program and crowd-test in days, not sprints.