FireBounty
52207 policies in database
Link to program      
2020-11-12
YesWeHack Dojo logo
Thank
Gift
HOF
Reward

YesWeHack Dojo

Challenge - Phishing

  • ⏳ Active until : 28th February 2025
  • 🎁 The 3 best quality reports will win a special swag pack!

BRUTE FORCE IS NOT ALLOWED!
(Applies only to the Dojo challenge page itself)

A valid solution for the challenge must meet these requirements:

  • Your report must include a proof of concept (PoC) showing how you obtained the flag
  • The flag must be included in the report

Are you interested in doing your own Dojo challenge? Send us a message on Twitter!

Challenge rules

Those rules applies for each challenge:

  1. Challenges solves are accepted exclusively in the form of reports on this program.
  2. The 3 bests quality write-up reports will be rewarded with a swag pack!
  3. Any report without a fully qualified write-up report will be discarded.
  4. Flags inside the YesWeHack Dojo sample databases are without value and are publicly accessible from the challenge pages. This is a feature, not a bug.
  5. Hack smart, don't brute-force or automate testing, challenges are made for manual solving.
  6. If you leak a solution as a reply to one of our social media thread instead of filling a report, you are spoiling the challenge for the others, don't do it before the challenge ends and winner list is known.
  7. Don't forget to link your Twitter or Linkedin profile, if you want a highlight in the Winners announcement we will post as a reply to the challenge initial post.

Write-up report

What is a "write-up report", would you ask?

The challenges are drawn from real-life vulnerabilities, if you manage to solve a challenge, you must create a report explaining the logic behind your solution: "How did you solve the challenge?"

Why is this important?

  1. It avoids copy-paste solutions.
  2. It shows your unique talent as a professional bug bounty hunter.

We will publish the best write-up report along the winners list for each challenge session on our blog (See an example here)

🎁 Rewards

Swag pack with Yeswehack goodies

We fiercely protect your privacy, no personal information from your profile will ever be used by anyone, except for individual exchanges between you and YesWeHack for the purpose of this challenge and for awarding gifts.

About the Dojo platform

The YesWeHack Dojo is a unique training and learning tool, it allows to witness how code is manipulated by inputs and parameters in real time.
The YesWeHack Dojo also can be used to rebuild complex exploitation scenarios from scratch and share them.

We have crafted nifty challenges using the Dojo platform, that we will initiate from the YesWeHack twitter account, stay tuned.

Overview of the Dojo platform

On our blog, we describe how you can use the platform effectively with all the features offered.

In Scope

Scope Type Scope Name
web_application

https://dojo-yeswehack.com/challenge-of-the-month/dojo-39

Out of Scope

Scope Type Scope Name
undefined

Everything that's out of the scope root URL

Firebounty have crawled on 2020-11-12 the program YesWeHack Dojo on the platform Yeswehack.

FireBounty © 2015-2025

Legal notices | Privacy policy