Trial or License – thoughts of the Bounty Hunter

2017.07.04

Hi Folks.
Today I want to share with you some thoughts, that I figured out during my journey as hobbyist Bug Bounty hunter.
This is not tech blog, but it can be useful to those who look for new attack surface 🙂

If you ever participated in Bug Bounty program, you should be familiar with the concept of working with Trial\Dev\Sandbox\Test accounts. In a nutshell, company that run Bug Bounty Program, enforce you to cause minimal to none impact on it’s production system and it’s customers. Some companies prefer to use separate servers for bug hunters, specific time frame, or Trial\Dev accounts. More than that, your obligations are to use only accounts that belong to you. To comply with Bug Bounty rules, you have to stay in those terms [and it’s good].
But.
Read more…

Tags :