Lista site-urilor care au un program Bug Bounty

[poq]

Chiar aveam de gând s? postez.

Security | Magento

Nu raspund, astept de sambata...

Si e urat ca astepti...asteeepti si te temi sa nu iti dea dup.

[tpad]

http://garena.com

http://garena.sg

http://garena.my

http://garena.vn

http://garena.tw

http://garena.co.id

http://garena.in.th

http://garena.ph

http://garena.ru

N-au program oficial, dar va pot ajuta sa intrati in contact cu cei care dau banii. Platesc doar pentru vulnerabilitati SSH, RCE, SQLi, AuthBypass sau info leak.

Edited April 3, 2014 by tpad

[florin_darck]

https://hackerone.com/mailru

[daatdraqq]

Hello

*

Due to the shutdown of Magento Go and ProStores, submissions for these applications will be accepted only throughJuly 31, 2014. We will not pay bounties on submissions after that date but will accept responsible disclosures atebayincbugbounty@ebay.com.

*

For more information on the announcement, please see the information released*today:Important Announcement about Magento Go and ProStores | Magento

*

Thanks,

eBay, Inc Bug Bounty Team

*

[akkiliON]

Security Incident Response Team - Tapatalk

[Nytro]

Indeed Engineering Blog » Blog Archive Bug Bounty Program: Cash Rewards for Reported Vulnerabilities » Indeed Engineering Blog

[tpad]

Garena Viet Nam and its subdomains

Rewards for these types of vunerabilities: https://www.owasp.org/index.php/Top_10_2013-Top_10

Only 1 bounty will be awarded per vulnerability.

If we receive multiple reports for the same vulnerability, only the person offering the first clear report will receive a reward.

We maintain flexibility with our reward system, and have no minimum/maximum amount; rewards are based on severity, impact, and report quality.

[Fi8sVrs]

Dropbox launches bug hunter bounty programme from $216 a flaw

[Nytro]

Microsoft expands its bug bounty programs to include Azure, Sway, and Project Spartan | VentureBeat | Security | by Emil Protalinski

[Nytro]

Nu stiu daca s-a mai postat:

https://crowdshield.com/bug-bounty-list.php

[Conjo]

cPanel Security Bounty Program | cPanel, Inc.

Vulnerability Rewards Program - The Chromium Projects

https://www.coinbase.com/whitehat

https://coinkite.com/faq/responsible-disclosure

https://bugcrowd.com/lastpass?utm_source=the-list&utm_medium=list-link&utm_campaign=lastpass

[Nytro]

Lista lunga: List of Bug Bounty Programs INTERNATIONAL 426+ OFFICIAL - Bug Bounty Sheet VULNERABILITY LAB

[Conjo]

Inca o lista de peste 2-3 sute de site-uri cu bug bounty:

https://bugcrowd.com/list-of-bug-bounty-programs

[zeroabsolut]

gasisem eu ceva interesant la gmail.com acum un an

daca stiai ca datele de logare sunt corecte desi avea verificarea prin sms dadeai un backspace si treceai de verificarea prin sms.

Nu il mai au de ceva timp.Nu stiam ca se plateste si ca se raporteaza

 

Si cred ca si ultima versiune de winrar(aia beta) are o problema sau poate e sistem de securitate.Daca pun 8 fisiere short cut(copi) intr-un fisier si dupa sa arhivez intr-o arhiva atunci cand intru in fisierul arhivat nu imi da voie sa intru in el.

Edited February 10, 2016 by zeroabsolut

[QuoVadis]

NETGEAR si-au lansat program BB:

 

https://bugcrowd.com/netgear

[Fi8sVrs]

Quote

Join our first public bug bounty

With support from the Open Technology Fund, we’re launching our first public bug bounty with HackerOne. We’re specifically looking for your help to find bugs in Tor (the network daemon) and Tor Browser. A few of the vulnerabilities we’re looking for include local privilege escalation, unauthorized access of user data, attacks that cause the leakage of crypto material of relays or clients, and remote code execution. In January 2016, we launched a private bug bounty; hackers helped us catch 3 crash/DoS bugs (2 OOB-read bugs + 1 infinite loop bug) and 4 edge-case memory corruption bugs.

Tor users around the globe, including human rights defenders, activists, lawyers, and researchers, rely on the safety and security of our software to be anonymous online. Help us protect them and keep them safe from surveillance, tracking, and attacks. We’ll award up to $4,000 per bug report, depending on the impact and severity of what you find.

 

https://blog.torproject.org/blog/we-will-pay-you-to-hack-tor-bug-bounty

[Fi8sVrs]

HBO Apparently Offered Hackers $250,000 In “Bug Bounty” – Hackers Leak Emails From Network

https://www.theguardian.com/technology/2017/aug/11/hbo-offered-hackers-250000-dollars-bug-bounty-leaked-email-claims

[QuoVadis]

1 hour ago, Fi8sVrs said:

HBO Apparently Offered Hackers $250,000 In “Bug Bounty” – Hackers Leak Emails From Network

https://www.theguardian.com/technology/2017/aug/11/hbo-offered-hackers-250000-dollars-bug-bounty-leaked-email-claims

 

Defapt s-au spart altii din HBO si au zis ca defapt e tactica de "delay".

[Fi8sVrs]

ZERODIUM pays premium bounties and rewards to security researchers to acquire their original and previously unreported zero-day research affecting major operating systems, software, and devices. While the majority of existing bug bounty programs accept almost any kind of vulnerabilities and PoCs but pay very low rewards, at ZERODIUM we focus on high-risk vulnerabilities with fully functional exploits, and we pay the highest rewards on the market.

 

ZERODIUM is currently acquiring zero-day exploits affecting the following products: https://zerodium.com/program.html

[Fi8sVrs]

• HackerOne aims to pay bug bounty hunters $100 million by 2020
• https://hackerone.com/uber
• https://security.samsungmobile.com/rewardsProgram.smsb
• https://zerodium.com/tor.html - Sep. 13, 2017 - ZERODIUM, the premium zero-day acquisition platform, announces and hosts a Tor Browser Zero-Day Bounty. ZERODIUM will pay a total of one million U.S. dollars ($1,000,000) in rewards to acquire zero-day exploits for Tor Browser on Tails Linux and Windows.
• https://www.pornhub.com/support  - Aug. 10, 2017 - Pornhub ,may provide rewards to eligible reporters of qualifying vulnerabilities. Our minimum reward is $50 USD, and our maximum rewards is $25,000 USD. Reward amounts may vary depending upon the severity of the vulnerability reported.  Read more...
• https://www.dji.com/newsroom/news/dji-to-offer-bug-bounty-rewards-for-reporting-software-issues   - Aug. 28, 2017  -  DJI To Offer 'Bug Bounty' Rewards For Reporting Software Issues. Rewards for qualifying bugs will range from $100 to $30,000, depending on the potential impact of the threat. Read more..             
• https://security.samsungmobile.com/rewardsProgram.smsb  - Nov. 29, 2017 -  Under the Samsung Electronics' Mobile Security Rewards Program, security researchers can collect up to $200,000 per vulnerability, depending on severity, for any of the company's mobile devices that currently receive either monthly or quarterly security updates.  Read more..

Edited November 29, 2017 by Fi8sVrs
+ dji, +Samsung Mobile

[Fi8sVrs]

On 4/14/2013 at 4:18 PM, bcman said:

Si Yahoo, ei iti dau tricou

Maximum Payout: Yahoo can pay $15000 for detecting important bugs in their system.

[Fi8sVrs]

Easy

https://hackerone.com/directory?offers_bounties=true&order_direction=DESC&order_field=started_accepting_at

[gigiRoman]

6 hours ago, OKQL said:

Easy

https://hackerone.com/directory?offers_bounties=true&order_direction=DESC&order_field=started_accepting_at

Ai bagat ceva activitate?

[Fi8sVrs]

57 minutes ago, gigiRoman said:

Ai bagat ceva activitate?

Da, se mai bagă, eu sunt pe banca de rezervă

[Kev]

https://octopus.com/blog/public-bug-bounty