BUG BOUNTY

BUG BOUNTY

A phased approach

At HackersPrey, we value your commitment to the security of our portal. We believe in transparency and collaboration to enhance our portal’s robustness. If you've discovered a potential vulnerability, we encourage you to report it to us following these steps:

curriculu

01

curriculu

Identify vulnerability & its Impact

Begin by gaining a comprehensive understanding of the vulnerability and meticulously document all relevant details. Following this, assess the potential security risks associated with it, taking into account the broader impact it may have.

curriculu
curriculu

02

curriculu

Share Video of POC

Produce a concise, informative video showcasing the exploitation of the vulnerability. Include a clear, step-by-step guide for replicating the issue. Ensure clear communication and careful redaction of sensitive data.

curriculu
curriculu

03

curriculu

Get In Touch with us

To initiate contact with the HackersPrey security team, please email us at helpdesk@hackersprey.com. Ensure your report is thorough, encompassing findings, a PoC video, and mitigation recommendations.

curriculu

Our Course of Action

When you report a security issue and share your Proof of Concept (PoC), our security team will diligently assess it. We will reward bounties for valid, previously unknown vulnerabilities that have not been reported before, with the bounty amount determined by the impact and severity of the vulnerability.

gettouch

Out-Of-Scope Vulnerabilities

  • Exploits using runtime changes
  • Irrelevant activities/intents exported
  • Denial of service attacks
  • Social engineering attacks
  • Software version disclosure
  • Issues requiring exceedingly unlikely user interaction
  • Cross-site Request Forgery (CSRF) with minimal security implications
  • CSP Weaknesses
  • Application crashes
  • Lack of obfuscation
  • Phishing attacks
  • Email enumeration
  • Missing cookie flags on non-authentication cookies
  • Email Spoofing
halloffame


Responsible Disclosure Statement

At HackersPrey, we value the insights of Whitehat hackers. However, if you discover a vulnerability that could compromise customer data or system integrity, please refrain from exploiting it. We appreciate your help in safeguarding HackersPrey and our customers' information and may pursue legal action if vulnerabilities are used for illicit purposes. Thank you for aiding us in maintaining a secure environment.