Maa cyber security group

this blog is providing information and tutorial about ethical hacking. cybersecurity, cybercrime awareness. cybercrime investigation, cybercrime detection, information security.!

Wednesday, July 22, 2015

Bug Bounty Web List

What is the Bug Bounty Program ?

Bug Bounty program provides recognition and compensation to security researchers practicing responsible disclosure. Company started Bug Bounty programs for improve their security, Cyber security researchers are finding vulnerabilities on top websites and get rewarded.

Reward Program

AT&T -http://developer.att.com/developer/apiDetailPage.jsp?passedItemId=10700235 -

(To submit you need to sign up to the free
Developer API program)

Avast! - http://www.avast.com/bug-bounty
Barracuda - http://barracudalabs.com/
Coinbase - https://coinbase.com/whitehat
Chromium Project - http://www.chromium.org/
CrowdShield - https://crowdshield.com/

Cryptocat - https://crypto.cat/bughunt/
Facebook - http://www.facebook.com/whitehat/
Etsy - http://www.etsy.com/help/article/2463
Gallery - http://codex.gallery2.org/Bounties
Ghostscript -http://ghostscript.com/Bug_bounty_program.html(Mostly software development, occasional security issues)
Google -http://www.google.com/about/company/rewardprogram.html
Hex-Rays - http://www.hex-rays.com/bugbounty.shtml
IntegraXor (SCADA) -http://www.integraxor.com/blog/integraxor-hmi-scada-bug-bounty-program
LaunchKey - https://launchkey.com/docs/whitehat
Marktplaats - http://statisch.marktplaats.nl/help/
Mega.co.nz -http://thenextweb.com/insider/2013/02/01/kim-dotcom-puts-up-13500-bounty-for-first-person-to-break-megas-security-system/
Meraki - http://www.meraki.com/trust/#srp
Microsoft -http://www.microsoft.com/security/msrc/report
Mozilla - http://www.mozilla.org/security/bug-bounty.html
Paypal -https://www.paypal.com/us/webapps/mpp/security/reporting-security-issues
PikaPay - https://www.pikapay.com/pikapay-security-policy/
Piwik - http://piwik.org/security/
Ricebridge - http://www.ricebridge.com/bugs.htm(Only available to customers)
Ripple - https://ripple.com/bug-bounty/
Samsung - https://samsungtvbounty.com/
Simple - https://www.simple.com/policies/website-security/
Tarsnap - https://www.tarsnap.com/bugbounty.html
Qiwi - https://www.qiwi.ru/page/hack.action
Qmail - http://cr.yp.to/djbdns/guarantee.html
Yandex -http://company.yandex.com/security/index.xml
Zerobrane -http://notebook.kulchenko.com/zerobrane/zerobrane-studio-bug-bounty

Product & Services (Hall Of Fame Only)

Acquia - https://www.acquia.com/how-report-security-issue
ActiveProspect -http://activeprospect.com/activeprospect-security/
Adobe -http://www.adobe.com/support/security/alertus.html
Amazon.com (retail) - please email details tosecurity@amazon.com
Android Free Apps -http://www.androidfreeapp.net/security-researcher-acknowledgments/
Apple - http://support.apple.com/kb/HT1318
Blackberry -http://us.blackberry.com/business/topics/security/incident-response-team/collaborations.html
Braintree -https://www.braintreepayments.com/developers/disclosure
Card - https://www.card.com/responsible-disclosure-policy
cPaperless -http://www.cpaperless.com/securitystatement.aspx
Chargify - https://chargify.com/security/
DiMartino Entertainment -http://moosikay.dimartinoentertainment.com/site/credits/
eBay - http://pages.ebay.com/securitycenter
EVE - http://community.eveonline.com/devblog.asp?a=blog&nbid=2384
Evernote - http://evernote.com/security/
Foursquare - https://foursquare.com/about/security
Freelancer -http://www.freelancer.com/info/vulnerability-submission.php
Future Of Enforcement -http://futureofenforcement.com/?page_id=695
Gitlab - http://blog.gitlab.com/responsible-disclosure-policy/
Gliph - https://gli.ph/s/security.html
HakSecurity - http://haksecurity.com/special-thanks/
Harmony - http://get.harmonyapp.com/security/
Heroku - https://www.heroku.com/policy/security-hall-of-fame
Iconfinder -http://support.iconfinder.com/customer/portal/articles/1217282-responsible-disclosure-of-security-vulnerabilities
Kaneva -http://docs.kaneva.com/mediawiki/index.php/Bug_Bounty
Kayako - https://my.kayako.com/
Lastpass - https://lastpass.com/support_security.php
Mahara - https://wiki.mahara.org/index.php
MailChimp - http://mailchimp.com/about/security-response/
Microsoft (Online Services) -http://technet.microsoft.com/en-us/security/cc308589
Netflix -http://support.netflix.com/en/node/6657#gsc.tab=0
Nokia -http://www.nokia.com/global/security/acknowledgements/
Nokia Siemens Networks -http://www.nokiasiemensnetworks.com/about-us/responsible-disclosure
Norada - http://norada.com/crm-software/security_response
Owncloud - http://owncloud.org/about/security/hall-of-fame/
Opera - https://bugs.opera.com/wizarddesktop/
Oracle - http://:oracle.com/technetwork/topics/security
Puppet Labs -https://puppetlabs.com/security/acknowledgments/
RedHat -https://access.redhat.com/knowledge/articles/66234
Risk.io - https://www.risk.io/security
Security Net - http://www.securitynet.org/security-researcher-acknoledgments/
Sellfy - https://sellfy.com/security/
Spotify - https://www.spotify.com/us/about-us/contact/report-security-issues/
Sprout Social - http://sproutsocial.com/responsible-disclosure-policy
Telekom - http://www.telekom.com/corporate-responsibility/security/186450
Thingomatic - http://thingomatic.org/security.html
37signals - https://37signals.com/security-response
Tuenti - http://corporate.tuenti.com/en/dev/hall-of-fame
Twilio - https://www.twilio.com/docs/security/disclosure
Twitter - https://twitter.com/about/security
WizeHive -http://www.wizehive.com/special_thanks.html
Xmarks - https://buy.xmarks.com/security.php
Zendesk -http://www.zendesk.com/company/responsible-disclosure-policy
Zynga - http://company.zynga.com/security/whitehats
Product & Services (No Reward)
- Amazon Web Services (AWS) -http://aws.amazon.com/security/vulnerability-reporting
- Apriva - http://www.apriva.com/security
- Authy - https://www.authy.com/security-issue
- Blackboard - http://www.blackboard.com/footer/security-policy.aspx
- Box - https://www.box.com/about-us/security/
- Cisco -http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html#roosfassv
- Cloudnetz - http://cloudnetz.com/Legal/vulnerability-testing-policy.html
- Contant Contact -http://www.constantcontact.com/about-constant-contact/security/report-vulnerability.jsp
- Coupa - http://trust.coupa.com/home/security/coupa-vulnerability-reporting-policy
- Drupal - https://drupal.org/security-team
- EMC² - http://www.emc.com/contact-us/contact/product-security-response-center.htm
- Emptrust - http://www.emptrust.com/Security.aspx
- Heroku - https://www.heroku.com/policy/security-hall-of-fame
- HTC - http://www.htc.com/us/terms/product-security/
- Huawei -http://www.huawei.com/en/security/psirt/report-vulnerabilities/index.htm
- IBM - http://www-03.ibm.com/security/secure-engineering/report.html
- KPN - http://www.kpn.com/Privacy.htm#tabcontent3
- Lievensberg Hospital -http://www.lievensbergziekenhuis.nl/paginas/141-disclaimer.html
- LinkedIn -http://help.linkedin.com/app/answers/detail/a_id/37022
- Lookout - https://www.lookout.com/responsible-disclosure
- Millsap Independent School District -http://www.millsapisd.net/BugReport.cfm
- Modus CSR -http://www.moduscsr.com/security_statement.php
- PagerDuty -http://www.pagerduty.com/security/disclosure/
- Panzura - http://panzura.com/support/panzura-security-policy/
- Pidgin - http://pidgin.im/security/
- Plone -http://plone.org/products/plone/security/advisories
- Pop Group -http://www.popgroupglobal.com/security.php
- Reddit - http://code.reddit.com/wiki/help/whitehat
- Relaso - http://relaso.com/disclosure
- Salesforce -http://www.salesforce.com/company/privacy/security.jsp#vulnerability
- Simplify - http://simplify-llc.com/simplify-security.html
- Skoodat - http://www.skoodat.com/security
- Scorpion Software -http://www.scorpionsoft.com/company/disclosurepolicy/
- Square - https://squareup.com/security/levels
- Symantec - http://www.symantec.com/security/
- Team Unify -http://www.teamunify.com/__corp__/security.php
- Tele2 -http://www.tele2.nl/klantenservice/veiligheid/tele2-en-veiligheid.html
- T-Mobile (Netherlands) - http://www.t-mobile.nl/Global/media/pdf/privacy_statement_juni_2012.pdf
- UPC -http://www.upc.nl/internet/veilig_internet/beveiligingsproblemen/
- Viadeo - http://www.viadeo.com/aide/security/
- Vodafone (Netherlands) -http://over.vodafone.nl/vodafone-nederland/privacy-veiligheid/beveiliging-en-bescherming/wat-doet-vodafone/meld-een-beveilig
- VSR - http://www.vsecurity.com/company/disclosure
- X.commerce - http://www.x.com/security
- Xen -http://www.xen.org/projects/security_vulnerability_process.html
- Ziggo -https://www.ziggo.nl/#klantenservice/internet/risicos-op-internet/meldpunt-beveiligingslekken

at July 22, 2015

Email This BlogThis!Share to Twitter Share to Facebook Share to Pinterest

No comments:

Post a Comment

Newer Post Older Post Home

Subscribe to: Post Comments (Atom)

Evil Twin attack

Evil Twin Attack is attack is frequently carried upon wireless access points with malicious intentions. This attack happens when...

Types of Information System - Pyramid Diagram, TPS, DSS, OLAP

A typical organization is divided into operational, middle, and upper level. The information requirements for users at each level differ. ...
Find Out If Any One Opens Your Computer Without Your Permission

How to Know Who Logged into your computer and when? In Windows, there is one in-built too will records all events in your computer ...

Search This Blog

Pages

Home

About Me

Munjal Pathak: hello, professionally i am a cyber security specialist. cybercrime investigator.

View my complete profile

Blog Archive

▼ 2015 (64)
- ▼ July (47)
- ► August (10)
- ► October (2)
- ► November (4)
- ► December (1)

► 2016 (43)
- ► January (31)
- ► February (12)

► 2017 (3)
- ► February (3)

► 2022 (20)
- ► June (11)
- ► August (6)
- ► November (3)

Report Abuse

Total Pageviews

Awesome Inc. theme. Powered by Blogger.