Jump to content
Nytro

Lista site-urilor care au un program Bug Bounty

Recommended Posts

Nytro    2659

Vom mentine aici o lista cu site-urile care au un program bug bounty.

Google

http://www.google.com/about/appsecurity/reward-program/

Facebook

https://www.facebook.com/whitehat/bounty

Mozilla

http://www.mozilla.org/security/bug-bounty.html

Paypal

https://www.paypal.com/us/webapps/mpp/security/reporting-security-issues

Secunia

http://secunia.com/community/research/svcrp/

Etsy

http://codeascraft.etsy.com/2012/09/11/announcing-the-etsy-security-bug-bounty-program/

Barracuda

http://www.barracudalabs.com/bugbounty/

----------------------------------------------------------------------------------------------

Site-uri care vor mentiona persoanele care le raporteaza vulnerabilitati:

Adobe

http://www.adobe.com/support/security/alertus.html

Twitter

https://twitter.com/about/security

EBay

http://pages.ebay.com/securitycenter/ResearchersAcknowledgement.html

Microsoft

http://technet.microsoft.com/en-us/security/ff852094.aspx

Apple

http://support.apple.com/kb/HT1318

Dropbox

https://www.dropbox.com/security

Reddit

http://code.reddit.com/wiki/help/whitehat

Github

https://help.github.com/articles/responsible-disclosure-of-security-vulnerabilities

Ifixit

http://www.ifixit.com/Info/responsible_disclosure

37 Signals

http://37signals.com/security-response

Twilio

http://www.twilio.com/blog/2012/03/reporting-security-vulnerabilities.html

Constant Contact

http://www.constantcontact.com/about-constant-contact/security/report-vulnerability.jsp

Engine Yard

http://www.engineyard.com/legal/responsible-disclosure-policy

Lastpass

https://lastpass.com/support_security.php

RedHat

https://access.redhat.com/knowledge/articles/66234

Acquia

https://www.acquia.com/how-report-security-issue

Zynga

http://company.zynga.com/security/whitehats

Owncloud

http://owncloud.org/security/policy

Tuenti

http://corporate.tuenti.com/en/dev/hall-of-fame

Soundcloud

http://help.soundcloud.com/customer/portal/articles/439715-responsible-disclosure

Nokia Siemens Networks

http://www.nokiasiemensnetworks.com/about-us/responsible-disclosure

Yandex Bug Bounty

http://company.yandex.com/security/hall-of-fame.xml 

Lista originala: Please login or register to see this link.

Lista este in curs de actualizare. Daca aveti ceva de completat, postati in acest topic si vom actualiza si aici.

  • Upvote 1

Share this post


Link to post
Share on other sites
B7ackAnge7z    384

Informa?ia despre compania Yandex este pu?in gre?it? — de curând au început s? ofere ?i ceva b?nu?i:

Please login or register to see this link.

De asemenea mai po?i ad?uga:

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Edited by B7ackAnge7z

Share this post


Link to post
Share on other sites
FiliBlox    89

Mozilla

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Google

Please login or register to see this link.

Please login or register to see this link.

Facebook

Please login or register to see this link.

Paypal

Please login or register to see this link.

Please login or register to see this link.

Etsy

Please login or register to see this link.

Wordpress

Please login or register to see this link.

Commonsware

Please login or register to see this link.

CCBill

Please login or register to see this link.

Please login or register to see this link.

Vark

Please login or register to see this link.

Windthorstisd

Please login or register to see this link.

Bug Bounty Websites for Products Vulnerability

Mozilla

Please login or register to see this link.

Please login or register to see this link.

Bugcrowd – Please login or register to see this link. - NOTE: Bugcrowd runs managed bug bounty programs for business and you are notified when new Bugcrowd bug bounty programs are launched.

Facebook - Please login or register to see this link.

Etsy – Please login or register to see this link.

Google – Please login or register to see this link.

Paypal – Please login or register to see this link.

Mozilla – Please login or register to see this link.

Piwik -http://piwik.org/security/

Barracuda – Please login or register to see this link.

Yandex – Please login or register to see this link.

Gallery - Please login or register to see this link.

CCBill – Please login or register to see this link.

GhostScript - Please login or register to see this link.

Qmail - Please login or register to see this link.

AT&T - Please login or register to see this link.

Tarsnap - Please login or register to see this link.

Samsung - Please login or register to see this link.

Hex-Rays - Please login or register to see this link.

Access - Please login or register to see this link.

Ardour - Please login or register to see this link.

Artifex Software - Please login or register to see this link.

Commonsware - Please login or register to see this link.

Vark - Please login or register to see this link.

Windthorstisd - Please login or register to see this link.

BROKERS AND SECURITY COMPANIES

HP Zero-Day Initiative (ZDI) - Please login or register to see this link.

COSINC - Please login or register to see this link.

Beyond Security - Please login or register to see this link.

Exodus Intelligence - Please login or register to see this link.

iDefense - Please login or register to see this link.

White Fir Design - Please login or register to see this link.

Secunia - Please login or register to see this link.

ExploitHub - Please login or register to see this link.

Insight Partners - Please login or register to see this link.

Netragard - Please login or register to see this link.

Mozilla

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Google

Please login or register to see this link.

Please login or register to see this link.

Facebook

Please login or register to see this link.

Paypal

Please login or register to see this link.

Please login or register to see this link.

Etsy

Please login or register to see this link.

Please login or register to see this link.

Wordpress

Please login or register to see this link.

Commonsware

Please login or register to see this link.

CCBill

Please login or register to see this link.

Please login or register to see this link.

Vark

Please login or register to see this link.

Windthorstisd

Please login or register to see this link.

Bug Bounty Websites for Products Vulnerability

Mozilla

Please login or register to see this link.

Please login or register to see this link.

Google Chrome

Please login or register to see this link.

Zero Day Initiative

Please login or register to see this link.

Barracuda

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Artifex Software

Please login or register to see this link.

Hex Rays

Please login or register to see this link.

Ardour

Please login or register to see this link.

Piwik

Please login or register to see this link.

Hall of Fame & Responsible Disclosure Websites(No Bounties)

Microsoft

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Apple

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Adobe

Please login or register to see this link.

Please login or register to see this link.

IBM

Please login or register to see this link.

Twitter

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Dropbox

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Cisco

Please login or register to see this link.

Moodle

Please login or register to see this link.

Drupal

Please login or register to see this link.

Oracle

Please login or register to see this link.

Symantec

Please login or register to see this link.

Ebay

Please login or register to see this link.

Twilio

Please login or register to see this link.

37 Signals

Please login or register to see this link.

Salesforce

Please login or register to see this link.

Reddit

Please login or register to see this link.

Github

Please login or register to see this link.

Ifixit

Please login or register to see this link.

Constant Contact

Please login or register to see this link.

Zeggio

Please login or register to see this link.

Simplify

Please login or register to see this link.

Team Unify

Please login or register to see this link.

Skoodat

Please login or register to see this link.

Relaso

Please login or register to see this link.

Moduscsr

Please login or register to see this link.

Cloudnetz

Please login or register to see this link.

Emptrust

Please login or register to see this link.

Apriva

Please login or register to see this link.

Amazon

Please login or register to see this link.

SqaureUp

Please login or register to see this link.

G-Sec

Please login or register to see this link.

Xen

Please login or register to see this link.

Engine Yard

Please login or register to see this link.

Lastpass

Please login or register to see this link.

RedHat

Please login or register to see this link.

Acquia

Please login or register to see this link.

Mahara

Please login or register to see this link.

Please login or register to see this link.

Zynga

Please login or register to see this link.

Please login or register to see this link.

Risk.io

Please login or register to see this link.

Opera

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Owncloud

Please login or register to see this link.

Please login or register to see this link.

Scorpion Soft

Please login or register to see this link.

Please login or register to see this link.

Norada

Please login or register to see this link.

Cpaperless

Please login or register to see this link.

Wizehive

Please login or register to see this link.

Please login or register to see this link.

Tuenti

Please login or register to see this link.

Nokia Siemens

Please login or register to see this link.

Sound Cloud

Please login or register to see this link.

HTC

Please login or register to see this link.

Neohapsis

Please login or register to see this link.

Nokia

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

BlackBerry

Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link.

Heroku

Please login or register to see this link.

Please login or register to see this link.

Chargify

Please login or register to see this link.

Please login or register to see this link.

Puppetlabs

Please login or register to see this link.

Good luck.

Edited by FiliBlox

Share this post


Link to post
Share on other sites
EterNo    19

Si Please login or register to see this link. daca aveti nevoie de seminte..


<cs1@cannabis-seeds.co.uk>

Mar 28

HI EterNo
Thank you for pointing out the problem.

We will send you some seeds, can you forward us your address and we will get a pack of feminized seeds out to you.
regards

PS: am raportat un XSS

@dreiboy, nu.. nu mai am :) cauta si tu

@tedeus, cine a zis ca locuiesc in Romania?!

PS: am primit si semintele, 6.. si au iesit toate :>

Edited by EterNo

Share this post


Link to post
Share on other sites
dreiboy    10
Si Please login or register to see this link. daca aveti nevoie de seminte..


<cs1@cannabis-seeds.co.uk>

Mar 28

HI EterNo
Thank you for pointing out the problem.

We will send you some seeds, can you forward us your address and we will get a pack of feminized seeds out to you.
regards

PS: am raportat un XSS

nu mai ai vreo unu sa m-il imprumuti sa le dau mail? :)))

tare as avea nevoie de niste seminte

Share this post


Link to post
Share on other sites
tedeus    27
Si Please login or register to see this link. daca aveti nevoie de seminte..


<cs1@cannabis-seeds.co.uk>

Mar 28

HI EterNo
Thank you for pointing out the problem.

We will send you some seeds, can you forward us your address and we will get a pack of feminized seeds out to you.
regards

PS: am raportat un XSS

@dreiboy, nu.. nu mai am :) cauta si tu

Dude, calmeaza-te. Vezi ca toate pachetele primite sunt monitorizate si, din cate stiu, in Romania, sunt interzise.... Asa ca, daca vrei alte probleme in afara de cele pe care ti le poti face numai din exploatarea de vulnerabilitati, da-le adresa ca sa primesti minunatie de seminte.

Puteai sa le spui frumos ca legea romana nu este asa de permisiva si ca, in schimb, accepti orice donatie pentru cateva cafele :). Parerea mea... Tu faci, pana la urma, ce doresti.

Share this post


Link to post
Share on other sites
S.R.I    36
Dude, calmeaza-te. Vezi ca toate pachetele primite sunt monitorizate si, din cate stiu, in Romania, sunt interzise.... Asa ca, daca vrei alte probleme in afara de cele pe care ti le poti face numai din exploatarea de vulnerabilitati, da-le adresa ca sa primesti minunatie de seminte.

Puteai sa le spui frumos ca legea romana nu este asa de permisiva si ca, in schimb, accepti orice donatie pentru cateva cafele :). Parerea mea... Tu faci, pana la urma, ce doresti.

off:In Romania THC-ul este interzis,semintele NU.Sunt si site-uri romanesti care vand.

on:cred ca ma apuc si eu de cautat bugs.pacat ca multe din ele nu platesc nimic.

Share this post


Link to post
Share on other sites
Fi8sVrs    922

Bug Bounty

What is better than getting your exploit published on Packet Storm?

Getting paid when your exploit is published on Packet Storm!

Packet Storm is offering large sums of cash for well crafted code execution exploits.

Why is this program better than other bug bounty programs?

Other companies that buy exploits rarely share them with the public and once bought, require that the author does not share them. We are going the other direction on this idea. If the author of the exploit permits it, we plan to release them publicly after sixty days for everyone to download. Win - Win.

Why the disclosure?

Because it helps the greater good and is in-line with our initiative to provide security engineers the ability to test their systems for recently patched vulnerabilities.

I'm in. What are the next steps?

You can talk to us by sending an email to getpaid at packetstormsecurity.com with description of your exploit or by submitting the contact form below. Please do not send us the code at this step.

The list of targets that we are looking for moves constantly. If you believe that you can offer quality exploits that demonstrate full code execution, it is worth a discussion. It is vitally important that you can articulate what is being exploited, how it is being exploited, what systems and patch levels you have tested with, and that your work is 100% yours to sell. We will not accept exploits that already have public proof of concepts, nor will we accept known plagiarized work.

How much money can I make?

Different issues offer different levels of compensation. The typical payout for a working exploit ranges anywhere from $1,000 - $7,000 USD and there is the opportunity for even larger payouts if you have written some amazing zero-day. Nothing is off the table. That said, in the typical pay range, we're also soliciting code execution exploits for "0.5-day" vulnerabilities in mainstream software such as Microsoft Windows and Oracle Java that already have a published advisory but with no known working exploit.

Please login or register to see this link.

Share this post


Link to post
Share on other sites
1337    556

Wall of fame : Please login or register to see this link.

Updated terms and conditions : Please login or register to see this link.

Share this post


Link to post
Share on other sites
hate.me    730

a inceput si microsoft sa ofere recompense financiare :)

Please login or register to see this link.

After years of saying that the company didn’t need a bug bounty program, Microsoft is starting one. The company today will announce the start of a new program that will pay security researchers up to $100,000 for serious vulnerabilities and as much as $50,000 for new defensive techniques that help protect against those flaws.

threatpost.com/microsoft-launches-100000-bug-bounty-program/

Share this post


Link to post
Share on other sites
florin_darck    180
a inceput si microsoft sa ofere recompense financiare :)

Please login or register to see this link.

threatpost.com/microsoft-launches-100000-bug-bounty-program/

Din pacate "not for bugs in web applications" ..

Share this post


Link to post
Share on other sites
akkiliON    430

Please login or register to see this link.

Bounty

We appreciate your findings and in exchange we offer any one of the following:

- a t-shirt from Thinkgeek or Jinx

- a donation to Room To Read

Share this post


Link to post
Share on other sites
Nytro    2659

Please login or register to see this link.

  • Every entry which will be selected, after the evaluation by our security experts, will be rewarded with a bounty.
  • The monetary reward for one bounty is 1000 USD or more.
  • Only one bounty per security bug will be awarded.

Share this post


Link to post
Share on other sites
D4ny    6

care e faza cu bugurile astea ? ce se intampla dak le accesez k am incercat si .... nimic :sad: :(

Share this post


Link to post
Share on other sites
nacks    38
care e faza cu bugurile astea ? ce se intampla dak le accesez k am incercat si .... nimic :sad: :(

Iti bati capul cu prostii (a gresit Nytro ca te a lasat sa citesti) ... incearca altceva ;)

Share this post


Link to post
Share on other sites
hate.me    730
care e faza cu bugurile astea ? ce se intampla dak le accesez k am incercat si .... nimic :sad: :(

citeste aici :)

Please login or register to see this link.

Share this post


Link to post
Share on other sites
FarSe    92

Acele siteuri au un program bug bounty fix,dar si restu de siteuri cat de cat mari dau ceva bani daca ii ajuti,spre exemplu am luat 50 USD pentru un xss in fileice.net .

Share this post


Link to post
Share on other sites
djcata112    10

Multe site-uri din urmatoarele au mai fost postate si imi cer scuze pentru aceasta

Google: If you find vulnerability in google , you will get reward as well as your name will be listed in the Google Hall of fame page. Details about Vulnerability Reward Program: Please login or register to see this link. Hall of fame: Please login or register to see this link. - See more at: Please login or register to see this link.

Security Bug Bounty from facebook:

Minimum reward is $500 USD.

The reward will be increased for severe or creative bugs

Only 1 bounty per security bug will be awarded

Please login or register to see this link.

Mozilla Bug Bounty program:

The Mozilla Security Bug Bounty Program is designed to encourage security research in Mozilla software and to reward those who help us create the safest Internet clients in existence.

The bounty for valid web applications or services related security bugs, the are giving a range starting at $500 (US) for high severity and, in some cases, may pay up to $3000 (US) for extraordinary or critical vulnerabilities. they will also include a Mozilla T-shirt.

Please login or register to see this link.

Paypal Bug Bounty Program For Professional Researchers

Please login or register to see this link.

Secunia Vulnerability Coordination Reward Program (SVCRP)

SVCRP – a reward program incentive offered by Secunia to researchers who have discovered a vulnerability and would like a third party to confirm their findings and handle the coordination process with the vendor on their behalf: Please login or register to see this link.

Etsy :

Will pay a minimum of $500 for qualifying vulnerabilities, subject to a few conditions and with qualification determined by the Etsy Security Team.

Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Please login or register to see this link. Please login or register to see this link. Please login or register to see this link.

Android Free Apps - Please login or register to see this link.

Apple - Please login or register to see this link.

Blackberry - Please login or register to see this link.

Braintree - Please login or register to see this link.

Card - Please login or register to see this link.

cPaperless - Please login or register to see this link.

Chargify - Please login or register to see this link.

eBay - Please login or register to see this link.

EVE - Please login or register to see this link.

Freelancer - Please login or register to see this link.

Future Of Enforcement - Please login or register to see this link.

Gitlab - Please login or register to see this link.

Gliph - Please login or register to see this link.

Harmony - Please login or register to see this link.

lastpass - Please login or register to see this link.

Mahara - Please login or register to see this link.

MailChimp - Please login or register to see this link.

Microsoft (Online Services) - Please login or register to see this link.

Netflix - Please login or register to see this link.

Nokia - Please login or register to see this link.

Nokia Siemens Networks - Please login or register to see this link.

Norada - Please login or register to see this link.

Owncloud - Please login or register to see this link.

Opera - Please login or register to see this link.

Oracle - Please login or register to see this link.

Puppet Labs - Please login or register to see this link.

RedHat - Please login or register to see this link.

Risk.io - Please login or register to see this link.

Sellfy - Please login or register to see this link.

Spotify - Please login or register to see this link.

Sprout Social - Please login or register to see this link.

37signals - Please login or register to see this link.

Tuenti - Please login or register to see this link.

Twilio - Please login or register to see this link.

Twitter - Please login or register to see this link.

WizeHive - Please login or register to see this link.

Xmarks - Please login or register to see this link.

Zendesk - Please login or register to see this link.

Zynga - Please login or register to see this link.

PRODUCTS AND SERVICES (NO REWARD)

Amazon Web Services (AWS) - Please login or register to see this link.

Apriva - Please login or register to see this link.

Authy - Please login or register to see this link.

Blackboard - Please login or register to see this link.

Box - Please login or register to see this link.

Cisco - Please login or register to see this link.

Cloudnetz - Please login or register to see this link.

Contant Contact - Please login or register to see this link.

Coupa - Please login or register to see this link.

Drupal - Please login or register to see this link.

EMC2 - Please login or register to see this link.

Emptrust - Please login or register to see this link.

Heroku - Please login or register to see this link.

HTC - Please login or register to see this link.

IBM - Please login or register to see this link.

LinkedIn - Please login or register to see this link.

Lookout - Please login or register to see this link.

Modus CSR - Please login or register to see this link.

Panzura - Please login or register to see this link.

Pop Group - Please login or register to see this link.

Reddit - Please login or register to see this link.

Relaso - Please login or register to see this link.

Salesforce - Please login or register to see this link.

Simplify - Please login or register to see this link.

Skoodat - Please login or register to see this link.

Scorpion Software - Please login or register to see this link.

Snappy - Please login or register to see this link.

Square - Please login or register to see this link.

Symantec - Please login or register to see this link.

Team Unify - Please login or register to see this link.

Viadeo - Please login or register to see this link.

VSR - Please login or register to see this link.

Xen - Please login or register to see this link.

BROKERS AND SECURITY COMPANIES

Beyond Security - Please login or register to see this link.

COSINC - Please login or register to see this link.

Exodus Intelligence - Please login or register to see this link.

ExploitHub - Please login or register to see this link.

HP Zero-Day Initiative (ZDI) - Please login or register to see this link.

iDefense - Please login or register to see this link.

Insight Partners - Please login or register to see this link.

Netragard - Please login or register to see this link.

Packet Storm - Please login or register to see this link.

Secunia - Please login or register to see this link.

White Fir Design - Please login or register to see this link.

Edited by djcata112

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×