Hacker News
- Twitter paid $5000 bug bounty that resulted in 5.4mm leaked records https://hackerone.com/reports/1439026 4 comments
- HackerOne June 2022 Incident Report https://hackerone.com/reports/1622449 6 comments
- Playstation confirms chain of 5 vulnerabilities on PS4/PS5 https://hackerone.com/reports/1379975 160 comments
- Remote Code Execution in Slack desktop apps https://hackerone.com/reports/783877 196 comments
- XXE on HTTPS://Duckduckgo.com https://hackerone.com/reports/483774 2 comments
- HackerOne raises $40M in their C-round of funding https://www.hackerone.com/blog/The-best-security-initiative-you-can-take-in-2017 12 comments
- Shopify has paid over $300k in security exploit bounties https://hackerone.com/shopify-scripts 78 comments
- MS-DOS security bug bounty https://hackerone.com/msdos 2 comments
Lobsters
- Imgur disclosed on HackerOne: SSRF in https://imgur.com/vidgif/url https://hackerone.com/reports/115748 6 comments networking, security
- Forever Bullish on BAT! Brave Software - Bug Bounty Program, rewards tripled! https://hackerone.com/brave/?type=team 20 comments cryptocurrency
- Websites Can Run Arbitrary Code on 'PlayStation Now' - $15,000 Bounty https://hackerone.com/reports/873614 6 comments netsec
- Remote Code Execution in Slack desktop apps https://hackerone.com/reports/783877 41 comments netsec
- Takeover of dangling IP on AWS results in subdomain takeover https://hackerone.com/reports/707748/ 10 comments netsec
- Slack account takeovers using HTTP Request Smuggling https://hackerone.com/reports/737140 28 comments programming
- Remote Code Execution on Windows UniFi Video Server https://hackerone.com/reports/544928 8 comments netsec
- A guide on how not to disclose reports on HackerOne https://hackerone.com/reports/269831 14 comments netsec
- RCE on Steam Client via buffer overflow in Server Info https://hackerone.com/reports/470520 28 comments netsec
- From HackerOne: The 2019 Hacker Report (survey results & statistics) https://www.hackerone.com/resources/the-2019-hacker-report 4 comments netsec
- XSS in Steam React Chat Client (discovered XSS hole in Steam’s React app, confirmed and paid) https://hackerone.com/reports/409850 18 comments reactjs
- RCE in Steam Chat https://hackerone.com/reports/409850 31 comments netsec
- Linux privilege escalation via trusted $PATH in keybase-redirector https://hackerone.com/reports/426944 8 comments netsec
- Blind XXE via Powerpoint files https://hackerone.com/reports/334488 4 comments netsec
- Augur paid out a $5,000 bug bounty on HackerOne for an interesting potential attack by miners https://hackerone.com/reports/377398 11 comments ethereum
- SSRF in Exchange leads to ROOT access in all instances https://hackerone.com/reports/341876 4 comments netsec
- Prototype pollution attack https://hackerone.com/reports/310443 12 comments programming
- Vulnerability disclosure for Node.js third-party modules on HackerOne https://hackerone.com/nodejs-ecosystem?view_policy=true 9 comments node
- European Parliament has approved budget for VLC bug bounty program https://hackerone.com/vlc 377 comments programming
- European Parliament has approved budget for VLC bug bounty program https://hackerone.com/vlc 82 comments linux
- How To: Server-Side Request Forgery (SSRF) https://www.hackerone.com/blog-how-to-server-side-request-forgery-ssrf 4 comments netsec
- DOMXSS on Shopify via postMessage w/hasOwnProperty filter bypass https://hackerone.com/reports/231053 7 comments netsec
- $10,000 Bounty for WannaCrypt “Killswitch” https://hackerone.com/reports/228648 4 comments netsec
- "Hack The Army" Results Are In https://hackerone.com/blog/Hack-The-Army-Results-Are-In 8 comments army
- Announcing HACK THE ARMY https://hackerone.com/blog/announcing-hack-the-army 22 comments army
- *The* most exhaustive list of known Bug Bounty Programs on the internet. https://hackerone.com/bug-bounty-programs 38 comments netsec
- Pentagon Bug Bounty - up to 150K https://hackerone.com/hackthepentagon 9 comments netsec
- HackerOne Disclosure: SSRF in Imgur https://hackerone.com/reports/115748 62 comments netsec
- GM embraces white-hat hackers with public vulnerability disclosure program https://hackerone.com/gm 2 comments netsec
- How a prominent 31c3 hacker was forced to decrypt her HDD by CDG airport security on her way back https://hackerone.com/news/pink-panther 15 comments technology
- Twitter now pays bounties for vulnerabilities https://hackerone.com/twitter 31 comments netsec
- The Internet Bug Bounty- Rewarding friendly hackers who contribute to a more secure internet https://hackerone.com/ibb 6 comments netsec
Linking pages
- Felix Reda – In January, the EU starts running Bug Bounties on Free and Open Source Software https://juliareda.eu/2018/12/eu-fossa-bug-bounties/ 330 comments
- GitHub - trimstray/the-book-of-secret-knowledge: A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more. https://github.com/trimstray/the-book-of-secret-knowledge 270 comments
- So I reverse engineered two dating apps... - push32dup2 https://push32.com/post/dating-app-fail/ 172 comments
- Why are the username and password on two different pages? https://www.twilio.com/blog/why-username-and-password-on-two-different-pages 157 comments
- For Hackers, Anonymity Was Once Critical. That’s Changing. - The New York Times https://www.nytimes.com/2018/09/22/technology/defcon-hackers-privacy-anonymity.html?partner=ifttt 98 comments
- Apple announces long-awaited bug bounty program | TechCrunch https://techcrunch.com/2016/08/04/apple-announces-long-awaited-bug-bounty-program/ 92 comments
- Money Out of Nowhere: How Internet Marketplaces Unlock Economic Wealth - Above the Crowd | By Bill Gurley http://abovethecrowd.com/2019/02/27/money-out-of-nowhere-how-internet-marketplaces-unlock-economic-wealth/ 80 comments
- High frequency security bug hunting: 120 days, 120 bugs https://shubs.io/high-frequency-security-bug-hunting-120-days-120-bugs/ 54 comments
- 19-Year-Old Makes Over $1 Million Hunting Software Bugs | PCMag https://www.pcmag.com/news/366907/19-year-old-makes-over-1-million-hunting-software-bugs 45 comments
- The process: Open sourcing BuzzFeed’s single sign-on experience – Increment: Security https://increment.com/security/open-sourcing-buzzfeeds-single-sign-on-process/ 32 comments
- Steam hacker says more vulnerabilities will be found, but not by him | Ars Technica http://arstechnica.com/gaming/2016/04/steam-hacker-says-more-vulnerabilities-will-be-found-but-not-by-him/ 30 comments
- Valve are paying hackers for finding security flaws, plus a website refresh teased top secret games | GamingOnLinux https://www.gamingonlinux.com/articles/valve-are-paying-hackers-for-finding-security-flaws-plus-a-website-refresh-teased-top-secret-games.11763 28 comments
- Given Enough Money, All Bugs Are Shallow https://blog.codinghorror.com/given-enough-money-all-bugs-are-shallow/ 25 comments
- The deterioration of unmanaged bug bounties http://shubh.am/the-deterioration-of-unmanaged-bug-bounties/ 25 comments
- Hacker E-Book | Helping You Hack, Learn and Earn - HackerOne https://hackerone.com/news/legally-blind-and-deaf 16 comments
- Joe Sullivan guilty in Uber hacking case - The Washington Post https://www.washingtonpost.com/technology/2022/10/05/uber-obstruction-sullivan-hacking/ 15 comments
- Hacking the Army • TechCrunch https://techcrunch.com/2017/01/19/hacking-the-army/ 13 comments
- Coinbase and Cardano Call on Hackers to Plug Security Gaps https://www.fxempire.com/news/article/coinbase-and-cardano-call-on-hackers-to-plug-security-gaps-898831 12 comments
- WordPress 4.2 core stored XSS | Klikki http://klikki.fi/adv/wordpress2.html 12 comments
- GitHub - trimstray/the-book-of-secret-knowledge: A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more. https://github.com/trimstray/awesome-ninja-admins 10 comments