Important Note - Interest is terrible thing to waste. Where are you?

\/ w4rri0r \/ H4ck!ng !5 n0t 4 Cr!m3 - It's an art of Awareness. \/ w4rri0r mission \/ is to make the information systems more secure, more aware, more reliable and protect against possible security breaches.

\/ w4rri0r \/ internationally recognized [security researchers or ethical hacker or white-hat hacker] and appreciated by Google, Microsoft, RedHat, AT&T, Adobe, PayPal, Yandex, eBay, Barracuda Networks, Nokia Siemens Network, Tuenti, Opera, BlackBerry, Nokia, Zynga, Netflix, iFixit, 37signals, SoundCloudConstant Contact, Xmarks, LaunchKey, Zendesk and we are currently building \/ w4rri0r group \/ and inviting to join worldwide Security Researchers and Professionals. If you think you can contribute anything for \/ w4rri0r group \/ you are heartily invited and we'll give credit for your contribution and is greatly appreciated. [Launching soon]

If you have any questions, ideas, suggestions or contributions please do not hesitate to contact @ This email address is being protected from spambots. You need JavaScript enabled to view it. and will respond you within 24 hours.

Open Panel
  • Register

List of world known - Bug Bounty Programs

List of World Known Bug Bounty Programs It all started a long time ago. We don’t know who coined the term, but Google made it well-known when they launch their Bug Bounty Program in order to get more secure.

After that, big companies like AT&T, Facebook, Mozilla, Paypal, Samsung, Yandex and others, realised how important Bug Bounty Programs are for their services, products and started implementing them as well.

The advantages for companies that run Bug Bounty Program and security professionals or bug hunters are clear. Companies patch their flaws/vulnerabilities, while security specialists get paid or hall of fame for it.

\/ w4rri0r \/ have put together a list of the most notable world known Bug Bounty Programs -

PRODUCTS AND SERVICES (REWARD OFFERED)

  1. Access - https://www.accessnow.org/prize
  2. AT&T - http://developer.att.com/developer/apiDetailPage.jsp?passedItemId=10700235
  3. Avast! - http://www.avast.com/bug-bounty
  4. Barracuda - http://barracudalabs.com/?page_id=3456
  5. Chromium Project - http://www.chromium.org/Home/chromium-security/vulnerability-rewards-program
  6. Coinbase - https://coinbase.com/whitehat
  7. Cryptocat - https://crypto.cat/bughunt/
  8. Etsy - http://www.etsy.com/help/article/2463
  9. Facebook - http://www.facebook.com/whitehat/bounty/
  10. Gallery - http://codex.gallery2.org/Bounties
  11. Google - http://www.google.com/about/company/rewardprogram.html
  12. Hex-Rays - http://www.hex-rays.com/bugbounty.shtml
  13. IntegraXor (SCADA) - http://www.integraxor.com/blog/integraxor-hmi-scada-bug-bounty-program
  14. Kaneva - http://docs.kaneva.com/mediawiki/index.php/Bug_Bounty
  15. LaunchKey - https://launchkey.com/docs/whitehat
  16. ManageWP - https://managewp.com/white-hat-reward
  17. Marktplatts - http://statisch.marktplaats.nl/help/responsible_disclosure_policy_en.html
  18. Mega.co.nz - http://thenextweb.com/insider/2013/02/01/kim-dotcom-puts-up-13500-bounty-for-first-person-to-break-megas-security-system/
  19. Meraki - http://www.meraki.com/trust/#srp
  20. Microsoft - http://www.microsoft.com/security/msrc/report/bountyprograms.aspx
  21. Mozilla - http://www.mozilla.org/security/bug-bounty.html
  22. Paypal - https://www.paypal.com/us/webapps/mpp/security/reporting-security-issues
  23. PikaPay - https://www.pikapay.com/pikapay-security-policy/
  24. Piwik - http://piwik.org/security/
  25. Qmail - http://cr.yp.to/djbdns/guarantee.html
  26. Ripple - https://ripple.com/bug-bounty/
  27. Samsung - https://samsungtvbounty.com/
  28. Simple - https://www.simple.com/policies/website-security/
  29. Tarsnap - https://www.tarsnap.com/bugbounty.html
  30. Yandex - http://company.yandex.com/security/index.xml

 PRODUCT AND SERVICES (HALL OF FAME + SWAG) \/Reward: T-shirt \/

  1. Atlassian - https://confluence.atlassian.com/display/SUPPORT/How+to+Report+a+Security+Issue
  2. Dropbox - https://www.dropbox.com/special_thanks
  3. Engineyard - https://www.engineyard.com/legal/responsible-disclosure-policy
  4. Github - https://help.github.com/articles/responsible-disclosure-of-security-vulnerabilities
  5. ifixit - http://www.ifixit.com/Info/Responsible_Disclosure
  6. Paymill - https://www.paymill.com/en-gb/support-3/worth-knowing/security/
  7. Schuberg Philis - http://www.schubergphilis.com/newsroom/library/downloads-policies/responsible-disclosure-policy/
  8. Soundcloud - http://help.soundcloud.com/customer/portal/articles/439715-responsible-disclosure
  9. Yahoo - http://security.yahoo.com

PRODUCT AND SERVICES (HALL OF FAME AND NO REWARD)

  1. 37signals - https://37signals.com/security-response
  2. Acquia - https://www.acquia.com/how-report-security-issue
  3. Active Prospect - http://activeprospect.com/activeprospect-security/
  4. Adobe - http://www.adobe.com/support/security/alertus.html
  5. Android Free Apps - http://www.androidfreeapp.net/security-researcher-acknowledgments/
  6. Apple - http://support.apple.com/kb/HT1318
  7. Besnappyhttp://besnappy.com/security
  8. Blackberry - http://us.blackberry.com/business/topics/security/incident-response-team/collaborations.html
  9. Braintree - https://www.braintreepayments.com/developers/disclosure
  10. Card - https://www.card.com/responsible-disclosure-policy
  11. cPaperless - http://www.cpaperless.com/securitystatement.aspx
  12. Chargify - https://chargify.com/security/
  13. eBay - http://pages.ebay.com/securitycenter/ResearchersAcknowledgement.html
  14. EVE - http://community.eveonline.com/devblog.asp?a=blog&nbid=2384
  15. Freelancer - http://www.freelancer.com/info/vulnerability-submission.php
  16. Future Of Enforcement - http://futureofenforcement.com/?page_id=695
  17. Gitlab - http://blog.gitlab.com/responsible-disclosure-policy/
  18. Gliph - https://gli.ph/s/security.html
  19. Harmony - http://get.harmonyapp.com/security/
  20. lastpass - https://lastpass.com/support_security.php
  21. Mahara - https://wiki.mahara.org/index.php/Contributors#Security_Researchers
  22. MailChimp - http://mailchimp.com/about/security-response/
  23. Microsoft - http://technet.microsoft.com/en-us/security/cc308589
  24. Netflix - http://support.netflix.com/en/node/6657#gsc.tab=0
  25. Nokia - http://www.nokia.com/global/security/acknowledgements/
  26. Nokia Siemens Networks - http://www.nokiasiemensnetworks.com/about-us/responsible-disclosure
  27. Norada - http://norada.com/crm-software/security_response
  28. Owncloud - http://owncloud.org/about/security/hall-of-fame/
  29. Opera - https://bugs.opera.com/wizarddesktop/
  30. Oracle - http://:oracle.com/technetwork/topics/security/securityfixlifecycle-086982.html
  31. Puppet Labs - https://puppetlabs.com/security/acknowledgments/
  32. RedHat - https://access.redhat.com/knowledge/articles/66234
  33. Risk.io - https://www.risk.io/security
  34. Sellfy - https://sellfy.com/security/
  35. Spotify - https://www.spotify.com/us/about-us/contact/report-security-issues/
  36. Sprout Social - http://sproutsocial.com/responsible-disclosure-policy
  37. Tuenti - http://corporate.tuenti.com/en/dev/hall-of-fame
  38. Twilio - https://www.twilio.com/docs/security/disclosure
  39. Twitter - https://twitter.com/about/security
  40. WizeHive - http://www.wizehive.com/special_thanks.html
  41. Xmarks - https://buy.xmarks.com/security.php
  42. Zendesk - http://www.zendesk.com/company/responsible-disclosure-policy
  43. Zynga - http://company.zynga.com/security/whitehats

BROKERS AND SECURITY COMPANIES

  1. Beyond Security - http://www.beyondsecurity.com/ssd.html
  2. Bugcrowd - https://portal.bugcrowd.com/accounts/register/
  3. COSINC - http://www.coseinc.com/en/index.php?rt=advisory
  4. Exodus Intelligence - https://www.exodusintel.com/eip/
  5. ExploitHub - https://www.exploithub.com/request/index/developmentrequests/
  6. HP Zero-Day Initiative (ZDI) - http://www.zerodayinitiative.com/about/benefits/
  7. Insight Partners - https://gvp.isightpartners.com/program_details.gvp?page=3&title=1&section=0
  8. Netragard - http://pentest.snosoft.com/netragards-eap/
  9. Packet Storm - http://packetstormsecurity.com/bugbounty
  10. Secunia - http://secunia.com/community/research/svcrp
  11. White Fir Design - https://www.whitefirdesign.com/about/wordpress-security-bug-bounty-program.html


Bug Bounty Programs Advantages:

  • Looking at Google, Facebook, Mozilla etc, it has been proven that using the power of the crowd to find and patch vulnerabilities is a fast, good way to secure your server/web application.
  • Helps you better manage your security budget by paying only valid vulnerabilities and not by hour.
  • Bug Bounty Programs represent a very good marketing tool for companies that run such programs as well for the bug hunters.
  • Participating in such programs as a security professional, you’ll get continuous security training and it will strengthen your personal branding within the Digital and Information Security industry.

Interest is terrible thing to waste. Where are you?


\/ ALL THE BEST - Bug Hunters \/

w4rri0r.com - Main Menu

Home

Vulnerability

Exploits

Advisories

Training

Toolbox

Blog

CORE Impact Professional

Logo Core ImpactCORE Impact Professional is the most comprehensive software solution for assessing and testing security vulnerabilities throughout your organization.

 
 

Read More...

IBM Security AppScan

Logo IBM Rational AppScanIBM Rational AppScan Enterprise is a scalable solution to help resolve application security vulnerabilities, offering recommendations to simplify remediation.

 

Read More...

HP WebInspect

Logo - HP WebInspectHP WebInspect gives security professionals and security novices alike the power and knowledge to quickly identify and validate critical, high-risk security vulnerabilities.

 

Read More...

Acunetix WVS

logo acunetix web application securityAcunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits web applications by checking for hacking vulnerabilities. 

 

Read More...

w4rri0r - H4ck!ng !s n0t 4 Cr!m3 - It's an art of Awareness

\/ w4rri0r - H4ck!ng !s n0t 4 Cr!m3 - It's an art of Awareness.  \/ -  w4rri0r work in the dark, w4rri0r do what w4rri0r can, w4rri0r give what w4rri0r have, w4rri0r doubt is w4rri0r passion and w4rri0r passion is w4rri0r task. The rest is the madness of art. \/ w4rri0r \/ 

\/ w4rri0r.com \/ are the great resource for information security professionals and researcher. \/ w4rri0r \/ offers a extensive variation of information security services that include SECURITY EXPLOITS (Bug or Vulnerability), SECURITY ADVISORIES (Security Alerts), SECURITY RESEARCHER TOOLBOX (Freeware, Shareware & Open-Source), SHELLCODE (Attacker Controller - Chunk of Data), SECURITY TRAINING (Educational Purpose), SECURITY NEWS (Security Recent or Important Events) and with this group you can be assured that you’re in the right hands. \/ w4rri0r gr0up \/  efforts being endorsed and appreciated by administrators, security researchers and members of various underground hacking groups and communities worldwide.

\/ w4rri0r mission \/ are to make the information systems more secure, more aware, more reliable and protect against possible security breaches.