We created GlassWire to help everyday users protect their devices and privacy
by monitoring their network activity . The security, data, and privacy of our
GlassWire users is our priority. We hope HackerOne will help security
researchers report GlassWire software vulnerabilities to us.
Reporting a vulnerability in the GlassWire desktop or mobile software
We will try to review all reported vulnerabilities within 10 business days to
see if they qualify for HackerOne recognition. Vulnerability reports require a
proof of concept and detailed information on how the vulnerability can cause
GlassWire to be misused.
Please use the following guidelines:
- We are mainly seeking vulnerabilities in our software (mobile and desktop).
- Check for network parser vulnerabilities.
- Check for vulnerabilities using fuzzing and binary analysis.
- Go to GlassWire settings/server to review its remote access security.
- *.glasswire.com minus exclusions below.
- Please include detailed instructions on the vulnerability so we can try to reproduce the issue.
- Please do not disclose the issue until it has been fixed by GlassWire.
- Do not disrupt services for users.
- Do not violate the privacy of users or modify their data.
- Physical attacks
- DDOS, DOS, or Brute Force attacks
- Social Engineering
- Wordpress/Discourse vulnerabilities
- forum.glasswire.com uses Discourse third party software
- blog.glasswire.com hosted by Wordpress.com
- store. and other shopping pages hosted by our billing company
- Vulnerabilities on third party sites
- Password complexity reports
- Software that we do not make or have any control over that falsely claims to be GlassWire
- Mailchimp forms
- Reports about DLL hijacking without demonstrating how it gains new privileges.
We now offer paid bounties for vulnerabilities in our Windows desktop software
or mobile software. GlassWire does not offer bug bounties related to our
website unless the vulnerability is serious and has real security implications
for our users.
The public program GlassWire on the platform Hackerone has been updated on 2019-08-06, The lowest reward is 50 $.