Legal Hacking (Bug Bounty)

Post by **dandymcgee** » Thu Sep 04, 2014 2:02 pm

So I recently became aware that many major technology companies have active reward systems in place for responsible disclosure of bugs and potential security vulnerabilities. While I'm familiar with the idea, I didn't realize there was a website which conveniently lists active programs and whether or not the company is offering bounties / rewards.

https://bugcrowd.com/list-of-bug-bounty-programs

More notable participants include (not an exhaustive list):
Dropbox
Github
Google
Facebook
Microsoft
Mozilla
Paypal
Tesla
Twitter
YouTube

For example, Google is paying bounties ranging from $500 - $60,000 to anyone who reports a vulnerability in Chromium which they deem serious enough to warrant a reward.

If you're interested in security research as a hobby but aren't interested in the prison time associated with irresponsible targeting, perhaps you should consider targeting one of these companies instead.

Accy · Post by **Accy** » Sun Sep 07, 2014 8:37 am

The US military also hires people to maliciously hack other countries if you're into that. Though I don't know how many hackers want to be a SLAVE TO THA MASHEEN

Post by **dandymcgee** » Sun Sep 07, 2014 10:20 am

Accy wrote:The US military also hires people to maliciously hack other countries if you're into that. Though I don't know how many hackers want to be a SLAVE TO THA MASHEEN

Yeahhhh, no. I would probably end up being the next Snowden.

Elysian Shadows

Legal Hacking (Bug Bounty)

Legal Hacking (Bug Bounty)

Re: Legal Hacking (Bug Bounty)

Re: Legal Hacking (Bug Bounty)