Banner object (1)

Hack and Take the Cash !

751 bounties in database
12/11/2018
FanDuel logo

Reward

100 $ 

FanDuel

At FanDuel, our talented team of engineers and security specialists work non- stop to make our code as secure as possible. However, software without a single vulnerability simply does not exist in the real world. As our products evolve and technology advances, new vulnerabilities are bound to arise. Our Vulnerability Disclosure policy and partnership with HackerOne help us stay ahead of any potential problems.If you believe you've found a security issue in our product or service, we encourage you to notify us. Good luck and happy hunting!

UPDATES

05-April-19 - We have increased our bounty reward payments, with some severities being increased by as much as 50%

Hall of Fame

We believe our researchers should be acknowledged for their work. In addition to the bounty we have a FanDuel Security Hall of Fame, where researchers who have been awarded bounties are added to the Hall of Fame. The Hall of fame can be found here __

Disclosure Policy

  • Let us know as soon as possible upon discovery of a potential security issue and we'll make every effort to quickly resolve the issue.
  • Provide us a reasonable amount of time to resolve the issue before any disclosure to the public or a third-party.
  • Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service. Only interact with accounts you own or with explicit permission of the account holder.

Exclusions

While researching, we'd ask you to refrain from:

  • Denial of service
  • Spamming
  • Social engineering (including phishing) of FanDuel staff or contractors
  • Any physical attempts against FanDuel property

Mobile applications can be downloaded at:

Out of Scope

  • No findings relating to a lack of rate limiting (login, email triggering, or otherwise) will be accepted for this program
  • Missing headers
  • SPF records
  • sportsbook.fanduel.com
  • myaccount.fanduel.com
  • myaccountmobile.fanduel.com
  • newsroom.fanduel.com
  • partners.fanduel.com

Safe Harbor

Any activities conducted in a manner consistent with this policy will be considered authorized conduct and we will not initiate legal action against you. If legal action is initiated by a third party against you in connection with activities conducted under this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.

Thank you for helping keep FanDuel and our users safe!

Thanks
Gift
Hall of Fame
Reward


List your Bug Bounty for free immediately!

Contact us if you want more information.

FireBounty (c) 2015-2019