disclose / diodb

Open-source vulnerability disclosure and bug bounty program database
https://disclose.io/programs/
Creative Commons Zero v1.0 Universal
985 stars 319 forks source link

add new program: {Monash University} #443

Open nohattraveller opened 4 months ago

nohattraveller commented 4 months ago

URL

https://www.monash.edu/cybersecurity/about/mon-csirt

Contact

https://bugcrowd.com/monash-mbb

Bounty

Yes

Additional Information

https://www.monash.edu/.well-known/security.txt

Monash University is committed to protecting the confidentiality, integrity and availability of its information and digital platforms. At Monash, we value and support the work undertaken by the security research community and appreciate it when researchers take the time to report potential security vulnerabilities to us. We are excited for you to participate as a security researcher to help us identify vulnerabilities in our technology systems. Good luck, and happy hunting! Rules of engagement

All email addresses belonging to researchers should be your @bugcrowdninja.com.
Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our services.
Do not modify data that does not belong to you.
You’ll be testing production systems, Please be reasonable with the use of automated tools.
Tools that may result in a Denial Of Service (DoS) are prohibited.
Please be sure to check domain records to confirm Monash University ownership; Do not test assets not owned and controlled by Monash University.

Public Disclosure:

Monash University does not permit public disclosure at this point in time. Exceptions will be made if the Monash University Cyber Risk & Resilience Team believes it is in the best interest of the general public and these will typically be done via CVE publication. In this situation, we would reach out to the researcher to ask if they would like to be acknowledged and named in the CVE record.

Safe Harbor:

When conducting vulnerability research according to this policy, we consider this research to be:

Emmanueltech commented 4 months ago

Hi, I would like to work on this.