In this video, I’m sharing with you a few tips which I follow when reporting medium and low-risk bugs to still get good bounties for them. I’ll use the example of my recent bug in Stripe Apps that could lead to an account takeover.
00:54 Work for program’s security, not for bounty
02:15 Take the arguments out of their hands
04:28 Don’t write lazy reports
07:44 Example: My recent $2,000 bug in Stripe