That’s a question that sometimes comes in mind of many “hunters”. Personally in most cases, when I participate on these programs, I use fake information – one of the first reasons is to immediately test the input fields 🙂 Programs that required you to add your credit card info, phone number, bank info, … in… Continue reading Should bug hunters provide real personal data on bug appreciation programs?
Cobalt.io published a nice image on Twitter with some of the security researchers. Can you guess who’s there?
I would like describe a step-by-step of my latest “appreciation program” reward on a security issue in a WordPress plugin. First things first – check if the blog is in-scope of the program. If it is, continue to read this article. If not, you can just see my other tips about #bugbounty (here and here).… Continue reading Get a bounty on a WordPress blog
As a bug hunter at Cobalt, HackerOne and BugCrowd I always try do my best to give programs the best information needed to understand the security report. Sometimes I notice that some public disclosures on HackerOne have just two or three paragraphs like: You guys don’t have SPF header on your mail server. Check it… Continue reading A tip for bug hunters – Sell your service
I would like to thank Cobalt.io team for the gift pack they sent me. Working with them it’s awesome and I hope to keep helping and growing with you guys. PS: Nice to be a Ace of Diamonds 🙂 Cheers!
I was covered in a portuguese article for Tek Sapo about my bug bounty activities, specially at Cobalt.io. If you know portuguese language feel free to take a look: http://tek.sapo.pt/expert/artigo/ha_um_portugues_no_top_de_um_dos_maiores_programas_de_caca_ao_bug-43785gpm.html Or else translate it at Google.
For those who want to know more about me and my work at Cobalt.io check the interview I gave to their blog. https://cobalt.io/blog/interview-with-david-sopas-dsopas/ #kudos to Cobalt.io
Yes! I made it. Since my registration on March this year I reached more than 1000 reputation points on Cobalt.io and become the first to do it. Most of the points were made on private/invite only programs but a couple of them were also public in companies like Nexmo, Weebly, DoSomething and Circle. My next goal? Keep… Continue reading First to reach 1000 rep score on Cobalt.io
Just checked the Hall of Fame of Cobalt.io and I’m now number 1 in the rank. Not bad for a portuguese guy that started in March. Next objective… 1000 points! Let’s go!