centrifuge / security

Security bounty & audit overview of Centrifuge
MIT License
Security Vulnerability Bounty Centrifuge OS #1

Open pstehlik opened 5 years ago

pstehlik commented 5 years ago

Why We Care About Security

No technology is perfect or perfectly secure. Centrifuge believes that working with skilled security researchers across the globe is crucial in identifying weaknesses in any technology. We welcome the contribution of external security researchers and look forward to awarding them for their invaluable contribution to the security of all our users.

If you believe you've found a security issue in our product or service, we encourage you to notify us. The disclosure of security vulnerabilities helps us ensure the security and privacy of our users and we will reward valid, in-scope submissions with a bounty.

Please refer to the Centrifuge Security Vulnerability Disclosure page for further information on how to disclose any vulnerability you might find.

Rewards

The minimum reward is 100 DAI. The reward depends on the vulnerability severity and ease of exploit that were submitted. Payments are made via our pre-funded Gitcoin bounty.

Rewards will only be granted for the first submission of any valid in-scope vulnerability. The reward will be granted only to the first researcher to submit a valid in-scope submission through the official e-mail account security@centrifuge.io. Please refer to the Centrifuge Security Vulnerability Disclosure page for further information on how to disclose any vulnerability you might find.

gitcoinbot commented 5 years ago

Issue Status: 1. Open 2. Started 3. Submitted 4. Done


This issue now has a funding of 5000.0 DAI (5000.0 USD @ $1.0/DAI) attached to it as part of the centrifuge fund.

gitcoinbot commented 5 years ago

Work has been started.

These users each claimed they can complete the work by 316 years from now. Please review their action plans below:

1) sachincool has started work.

Take time in recon and find what the company software does, look at the in-scope vectors to find out what would be the best starting point. See what functionality the software provides and if there's any way to bypass input sanitization. Look at several other company-owned domains for numerous vulnerabilities like the OWASP Top 10.

Tools I'm going to use: Burp (mostly), Amass, Sublist3r, LinkFinder, JsParser. A few others depending on what stack I find.

2) davidbanu has started work.

I will look for any vulnerability in the code and manually test it...

3) roony0072 has started work.

I am going to check the URL through MXToolbox. Also will use Burp Suite.

Learn more on the Gitcoin Issue Details page.

gitcoinbot commented 5 years ago

Work for 5000.0 DAI (5000.0 USD @ $1.0/DAI) has been submitted by:

  1. @roony0072

@pstehlik please take a look at the submitted work:


gitcoinbot commented 5 years ago

⚡️ A tip worth 200.00000 DAI (200.0 USD @ $1.0/DAI) has been granted to @roony0072 for this issue from @. ⚡️

Nice work @roony0072! To redeem your tip, login to Gitcoin at https://gitcoin.co/explorer and select 'Claim Tip' from dropdown menu in the top right, or check your email for a link to the tip redemption page.

gitcoinbot commented 5 years ago

This Bounty has been completed.

Additional Tips for this Bounty:


gitcoinbot commented 5 years ago

This issue now has a funding of 5000.0 DAI (5000.0 USD @ $1.0/DAI) attached to it as part of the Centrifuge fund.

gitcoinbot commented 5 years ago

Work has been started.

These users each claimed they can complete the work by 316 years, 1 month from now. Please review their action plans below:

1) evertonmelo has started work.

Add issues for requirements and prevent possible splits or breakage.

2) naderakhlagh has started work.

Bounty add dap fjkrac dbjrev gtb. Vbyfer. Fg

3) lucasvo has started work.

Deprecating this bounty; it will be replaced with another program.

4) officialhackercommunity has started work.

I am an ethical hacker and pentester and I have tested many apps and website security and also work with many companies. My question: can I test and perform all security tests on the website?

5) andyafter has started work.

Hey there, I am very interested in this project. How could I apply for it and what would the work process be?

Learn more on the Gitcoin Issue Details page.

aahutsal commented 4 years ago

@pstehlik it seems you've renewed that issue on Gitcoin. How do I get notified about new PRs that need to be checked?

gitcoinbot commented 4 years ago

This Bounty has been completed.

Additional Tips for this Bounty: