Banner object (1)

Hack and Take the Cash !

844 bounties in database
  Back Link to program      
21/11/2019
BitDiscovery logo
Thanks
Gift
Hall of Fame
Reward

BitDiscovery

BitDiscovery values the input of the security community to create a more secure Internet and welcomes the opportunity to collaborate with community members who share this common goal.

This coordinated vulnerability disclosure program (VDP) is limited to security vulnerabilities identified within BitDiscovery's public online presence. Please review the program contents before submitting your findings.


Ratings:

For the initial prioritization/rating of findings, this program will use the Bugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal, and make a case for a higher priority.

This program only awards points for VRT based submissions.

Targets

In scope

Target name | Type
---|---
*.bitdiscovery.com | Website
Any publicly facing asset of BitDiscovery (ASNs, domains, ip addresses, etc) | Website
assetinventory.bugcrowd.com | Website

Testing is only authorized on the targets listed as In-Scope. Any domain/property of BitDiscovery not listed in the targets section is out of scope. This includes any/all subdomains not listed above. If you believe you've identified a vulnerability on a system outside the scope, please reach out to support@bugcrowd.com before submitting.


Safe Harbor:

When conducting vulnerability research according to this policy, we consider this research to be:

  • Authorized in accordance with the Computer Fraud and Abuse Act (CFAA) (and/or similar state laws), and we will not initiate or support legal action against you for accidental, good faith violations of this policy;
  • Exempt from the Digital Millennium Copyright Act (DMCA), and we will not bring a claim against you for circumvention of technology controls;
  • Exempt from restrictions in our Terms & Conditions that would interfere with conducting security research, and we waive those restrictions on a limited basis for work done under this policy; and
  • Lawful, helpful to the overall security of the Internet, and conducted in good faith.
  • You are expected, as always, to comply with all applicable laws.

If at any time you have concerns or are uncertain whether your security research is consistent with this policy, please inquire via support@bugcrowd.com before going any further.

Program rules

This program follows Bugcrowd’s standard disclosure terms.

Learn more about Bugcrowd’s VRT.

In Scope

Scope Type Scope Name
web_application

*.bitdiscovery.com

web_application

Any publicly facing asset of BitDiscovery (ASNs, domains, ip addresses, etc)

web_application

assetinventory.bugcrowd.com


Firebounty have crawled on 2019-11-21 the programe BitDiscovery on the platform Bugcrowd.

FireBounty © 2015-2019

Legal notices