Page 1 of 1

Legal Hacking (Bug Bounty)

Posted: Thu Sep 04, 2014 2:02 pm
by dandymcgee
So I recently became aware that many major technology companies have active reward systems in place for responsible disclosure of bugs and potential security vulnerabilities. While I'm familiar with the idea, I didn't realize there was a website which conveniently lists active programs and whether or not the company is offering bounties / rewards.

https://bugcrowd.com/list-of-bug-bounty-programs

More notable participants include (not an exhaustive list):
Dropbox
Github
Google
Facebook
Microsoft
Mozilla
Paypal
Tesla
Twitter
YouTube

For example, Google is paying bounties ranging from $500 - $60,000 to anyone who reports a vulnerability in Chromium which they deem serious enough to warrant a reward.

If you're interested in security research as a hobby but aren't interested in the prison time associated with irresponsible targeting, perhaps you should consider targeting one of these companies instead.

Re: Legal Hacking (Bug Bounty)

Posted: Sun Sep 07, 2014 8:37 am
by Accy
The US military also hires people to maliciously hack other countries if you're into that. Though I don't know how many hackers want to be a SLAVE TO THA MASHEEN

Re: Legal Hacking (Bug Bounty)

Posted: Sun Sep 07, 2014 10:20 am
by dandymcgee
Accy wrote:The US military also hires people to maliciously hack other countries if you're into that. Though I don't know how many hackers want to be a SLAVE TO THA MASHEEN
Yeahhhh, no. I would probably end up being the next Snowden.