How to get greater bounties for MEDIUM and LOW risk reports?
✉️ Sign up for the mailing list: https://bbre.dev/nl
? Follow me on twitter: https://bbre.dev/tw
In this video, I’m sharing with you a few tips which I follow when reporting medium and low-risk bugs to still get good bounties for them. I’ll use the example of my recent bug in Stripe Apps that could lead to an account takeover.
? Get $100 in credits for Digital Ocean: https://bbre.dev/do
Timestamps:
00:00 Intro
00:54 Work for program’s security, not for bounty
02:15 Take the arguments out of their hands
04:28 Don’t write lazy reports
07:44 Example: My recent $2,000 bug in Stripe
Add comment