? Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
? Follow me on twitter: https://bbre.dev/tw

In this video, I’m sharing with you a few tips which I follow when reporting medium and low-risk bugs to still get good bounties for them. I’ll use the example of my recent bug in Stripe Apps that could lead to an account takeover.

? Get $100 in credits for Digital Ocean: https://bbre.dev/do


00:00 Intro
00:54 Work for program’s security, not for bounty
02:15 Take the arguments out of their hands
04:28 Don’t write lazy reports
07:44 Example: My recent $2,000 bug in Stripe

Add comment

Your email address will not be published. Required fields are marked *